(54) DATA PROVIDING SYSTEM AND METHOD THEREFOR



(57) To provide a data providing system able to protect the interests of interested parties of a data providing apparatus. The content provider 101 distributes a secure container 104 storing content data encrypted using content key data, content key data encrypted using distribution key data, and encrypted usage control policy data showing handling of the content data to a SAM 105₁ of a user home network 103. The SAM 105₁ etc. decrypts the content key data and usage control policy data stored in the secure container 104 and determines the handling such as the purchase form and usage form of the content data based on the decrypted usage control policy data.

Description
TECHNICAL FIELD 

[0001] The present invention relates to a data providing system providing content data and a method of same, a data providing apparatus, and a data processing apparatus.

BACKGROUND ART 

[0002] There is a data providing system for distributing encrypted content data to data processing apparatuses of users concluding predetermined contracts and having the related data processing apparatuses decrypt and reproduce and record the content data.

[0003] As one of such data providing systems, there is the conventional EMD (electronic music distribution) system for distributing music data.

[0004] Figure 145 is a view of the configuration of a conventional EMD system 700.

[0005] In the EMD system 700 shown in Fig. 145, content providers 701a and 701b encrypt content data 704a, 704b, and 704c and copyright information 705a, 705b, and 705c by session key data obtained after mutual certification and supply them to a service provider 710 on-line or off-line. Here, the copyright information 705a, 705b, and 705c include, for example, SCMS (serial copy management system) information, electronic watermark information requesting burying in the content data, and information concerning the copyright requesting burying in a transmission protocol of the service provider 710.

[0006] The service provider 710 decrypts the received content data 704a, 704b, and 704c and copyright information 705a, 705b, and 705c by using the session key data.

[0007] Then, the service provider 710 buries the copyright information 705a, 705b, and 705c in the content data 704a, 704b, and 704c decrypted or received off-line to produce content data 707a, 707b, and 707c. At this time, the service provider 710 changes predetermined frequency domains of, for example, the electronic watermark information among the copyright information 705a, 705b, and 705c and buries them in the content data 704a, 704b, and 704c and buries the SCMS information in a network protocol used when transmitting the related content data to the user.

[0008] Further, the service provider 710 encrypts the content data 707a, 707b, and 707c by using content key data Kca, Kcb, and Kcc read out from a key database 706. Thereafter, the service provider 710 encrypts a secure container 722 storing the encrypted content data 707a, 707b, and 707c by the session key data obtained after the mutual certification and transmits the same to a CA (conditional access) module 711 existing in a terminal 709 of the user.

[0009] The CA module 711 decrypts the secure container 722 by using the session key data. Also, the CA module 711 receives the content key data Kca, Kcb, and Kcc from the key database 706 of the service provider 710 by using a charge function such as an electronic settlement and CA and decrypts them by using the session key data. By this, in the terminal 709, it becomes possible to decrypt the content data 707a, 707b, and 707c by using the content key data Kca, Kcb, and Kcc.

[0010] At this time, the CA module 711 performs charge processing in units of content, produces charge information 721 in accordance with a result of this, and encrypts this by the session key data and then transmits the same to a right clearing module 720 of the service provider 710.

[0011] In this case, the CA module 711 collects items to be managed by the service provider 710 concerning services provided by itself, that is, the contract (update) information and the monthly basic fee and other network rent of the users, performs the charge processing in units of the content, and ensures security of a physical layer of the network.

[0012] The service provider 710 distributes profit among the service provider 710 and the content providers 701a, 701b, and 701c when receiving the charge information 721 from the CA module 711.

[0013] At this time, the profit is distributed from the service provider 710 to the content providers 701a, 701b, and 701c via, for example, the JASRAC (Japanese Society for Rights of Authors, Composers, and Publishers). Also, the profit of the content provider is distributed to a copyright owner, an artist, a song writer, and/or a composer of the related content data and their affiliated production companies by the JASRAC.

[0014] Also, in the terminal 709, when recording the content data 707a, 707b, and 707c decrypted by using the content key data Kca, Kcb, and Kcc in a RAM type storage medium 723 or the like, copying is controlled by rewriting SCMS bits of the copyright information 705a, 705b, and 705c. Namely, on the user side, copying is controlled based on the SCMS bits buried in the content data 707a, 707b, and 707c to achieve protection of the copyright.

[0015] The SCMS prohibits copying of the content data over, for example, two generations. Copying of one generation can be carried out without restriction, however, so there is a problem of insufficient protection of the copyright owner.

[0016] Also, in the EMD system 700, the content data not encrypted by the service provider 710 can be technically freely handled, so interested parties of the content provider 710 must monitor actions etc. of the service provider 710, so there are problems in that the load of the related monitoring is large and, at the same time, there is a high possibility of improper loss of the profit of the content provider 701.

[0017] Also, in the EMD system 700, it is difficult to restrict acts of the terminal 709 of the user authoring the content data distributed from the service provider 710 and redistributing the same to another terminal etc., so there is the problem of the improper loss of the profit of the content provider 701.

DISCLOSURE OF THE INVENTION

[0018] The present invention was made in consideration of the problems of the related art mentioned above and has as an object thereof to provide a data providing system capable of adequately protecting the profit of right holders (interested parties) of the content provider and a method of the same.

[0019] Also, another object of the present invention is to provide a data providing system capable of reducing the load of inspection for protecting the profit of the right holders of the content provider and a method of the same.

[0020] To solve the problems of the prior art mentioned above and achieve the above objects, a data providing system of a first aspect of the present invention is preferably a data providing system for distributing content data from a data providing apparatus to a data processing apparatus and managing the data providing apparatus and the data processing apparatus by a management apparatus, wherein the management apparatus produces a key file storing encrypted content key data and encrypted usage control policy data indicating handling of the content data, the data providing apparatus provides the content data encrypted by using the content key data, and the data processing apparatus decrypts the content key data and the usage control policy data stored in the key file and determines the handling of the content data based on the related decrypted usage control policy data.

[0021] The mode of operation of the data providing system of the first aspect of the present invention becomes as follows.

[0022] In the management apparatus, the key file storing the encrypted content key data and the encrypted usage control policy data indicating the handling of the content data is produced, and the related key file is sent to the data providing apparatus.

[0023] Then, the content data encrypted by using the content key data is provided from the data providing apparatus to the data processing apparatus.

[0024] Then, in the data processing apparatus, the content key data and the usage control policy data stored in the key file are decrypted, and the handling of the content data is determined based on the related decrypted usage control policy data.

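The three steps of [0022] to [0024] can be traced in a short sketch, added here as an example and not taken from the patent text. It assumes the key file is sealed under the distribution key data named in the abstract; the encrypt-then-MAC helper built from HMAC-SHA-256 stands in for whatever cipher an implementation would use, the integrity tag is an assumption beyond what these paragraphs state, and the function names and the policy field `usage_forms` are hypothetical.

```python
import hashlib
import hmac
import json
import os


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """HMAC-SHA-256 in counter mode, used only as a stdlib keystream stand-in."""
    out = b""
    counter = 0
    while len(out) < length:
        block = nonce + counter.to_bytes(8, "big")
        out += hmac.new(key, block, hashlib.sha256).digest()
        counter += 1
    return out[:length]


def _subkeys(key: bytes):
    """Derive separate encryption and MAC keys from one key."""
    return (hmac.new(key, b"enc", hashlib.sha256).digest(),
            hmac.new(key, b"mac", hashlib.sha256).digest())


def seal(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC (assumed construction): nonce || ciphertext || tag."""
    enc_key, mac_key = _subkeys(key)
    nonce = os.urandom(16)
    stream = _keystream(enc_key, nonce, len(plaintext))
    ciphertext = bytes(p ^ s for p, s in zip(plaintext, stream))
    tag = hmac.new(mac_key, nonce + ciphertext, hashlib.sha256).digest()
    return nonce + ciphertext + tag


def unseal(key: bytes, blob: bytes) -> bytes:
    """Verify the tag before decrypting; ValueError on a wrong key or tampering."""
    if len(blob) < 48:
        raise ValueError("blob too short")
    enc_key, mac_key = _subkeys(key)
    nonce, ciphertext, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(mac_key, nonce + ciphertext, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed")
    stream = _keystream(enc_key, nonce, len(ciphertext))
    return bytes(c ^ s for c, s in zip(ciphertext, stream))


def make_key_file(distribution_key: bytes, content_key: bytes, policy: dict) -> bytes:
    """Management apparatus [0022]: content key and usage control policy,
    sealed together so the policy cannot be swapped without the key."""
    record = {"content_key": content_key.hex(), "policy": policy}
    return seal(distribution_key, json.dumps(record, sort_keys=True).encode())


def make_content_file(content_key: bytes, content: bytes) -> bytes:
    """Data providing apparatus [0023]: content encrypted under the content key."""
    return seal(content_key, content)


def process(distribution_key: bytes, key_file: bytes,
            content_file: bytes, requested_use: str) -> bytes:
    """Data processing apparatus [0024]: decrypt the key file, decide the
    handling from the policy, and only then decrypt the content."""
    record = json.loads(unseal(distribution_key, key_file))
    if requested_use not in record["policy"]["usage_forms"]:
        raise PermissionError(f"policy does not permit {requested_use!r}")
    return unseal(bytes.fromhex(record["content_key"]), content_file)


if __name__ == "__main__":
    kd, kc = os.urandom(32), os.urandom(32)        # constructed sample keys
    key_file = make_key_file(kd, kc, {"usage_forms": ["play"]})
    content_file = make_content_file(kc, b"constructed sample content")
    print(process(kd, key_file, content_file, "play"))
    try:
        process(kd, key_file, content_file, "copy")
    except PermissionError as exc:
        print("refused:", exc)
```

A party that relays the two files without the distribution key can neither read the content nor alter the policy undetected, which is the contrast with the service provider of [0016] that handles unencrypted content.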
[0025] Also, a data providing system of a second aspect of the present invention is a data providing system for distributing content data from a data providing apparatus to a data processing apparatus and managing the data providing apparatus and the data processing apparatus by a management apparatus, wherein the management apparatus produces a key file storing encrypted content key data and encrypted usage control policy data indicating handling of the content data, the data providing apparatus distributes a module storing a content file storing the content data encrypted by using the content key data and the key file received from the management apparatus to the data processing apparatus, and the data processing apparatus decrypts the content key data and the usage control policy data stored in the distributed module and determines the handling of the content data based on the related decrypted usage control policy data.

[0026] The mode of operation of the data providing system of the second aspect of the present invention becomes as follows.

[0027] In the management apparatus, the key file storing the encrypted content key data and the encrypted usage control policy data indicating the handling of the content data is produced.

[0028] Then, the related produced key file is distributed from the management apparatus to the data providing apparatus.

[0029] Then, the module storing the content file storing the content data encrypted by using the content key data and the key file received from the management apparatus is distributed from the data providing apparatus to the data processing apparatus.

[0030] Then, in the data processing apparatus, the content key data and the usage control policy data stored in the distributed module are decrypted, and the handling of the content data is determined based on the related decrypted usage control policy data.

[0031] A data providing system of a third aspect of the present invention is a data providing system for distributing content data from a data providing apparatus to a data processing apparatus and managing the data providing apparatus and the data processing apparatus by a management apparatus, wherein the management apparatus produces a key file storing encrypted content key data and encrypted usage control policy data indicating handling of the content data, the data providing apparatus distributes a module storing a content file containing content data encrypted by using the content key data and the key file received from the management apparatus to the data processing apparatus, and the data processing apparatus decrypts the content key data and the usage control policy data stored in the distributed module and determines the handling of the content data based on the related decrypted usage control policy data.

[0032] The mode of operation of the data providing system of the third aspect of the present invention becomes as follows.

[0033] In the management apparatus, the key file storing the encrypted content key data and the encrypted usage control policy data indicating the handling of the content data is produced, and the related produced key file is sent to the data providing apparatus.

[0034] Then, the module storing the content file containing the content data encrypted by using the content key data and the key file received from the management apparatus is distributed from the data providing apparatus to the data processing apparatus.

[0035] Then, in the data processing apparatus, the content key data and the usage control policy data stored in the distributed module are decrypted, and the handling of the content data is determined based on the related decrypted usage control policy data.

[0036] Also, a data providing system of a fourth aspect of the present invention is a data providing system for distributing content data from a data providing apparatus to a data processing apparatus and managing the data providing apparatus and the data processing apparatus by a management apparatus, wherein the management apparatus produces a key file storing encrypted content key data and encrypted usage control policy data indicating handling of the content data, the data providing apparatus individually distributes the content file storing the content data encrypted by using the content key data and the key file received from the management apparatus to the data processing apparatus, and the data processing apparatus decrypts the content key data and the usage control policy data stored in the distributed key file and determines the handling of the content data stored in the distributed content file based on the related decrypted usage control policy data.

[0037] The mode of operation of the data providing system of the fourth aspect of the present invention becomes as follows.

[0038] In the management apparatus, the key file storing the encrypted content key data and the encrypted usage control policy data indicating the handling of the content data is produced, and the related produced key file is sent to the data providing apparatus.

[0039] Then, in the data providing apparatus, the content file storing the content data encrypted by using the content key data and the key file received from the management apparatus are distributed.

[0040] Then, in the data processing apparatus, the content key data and the usage control policy data stored in the distributed key file are decrypted, and the handling of the content data stored in the distributed content file is determined based on the related decrypted usage control policy data.

[0041] Also, a data providing system of a fifth aspect of the present invention is a data providing system for distributing content data from a data providing apparatus to a data processing apparatus and managing the data providing apparatus and the data processing apparatus by a management apparatus, wherein the management apparatus produces a key file storing encrypted content key data and encrypted usage control policy data indicating handling of the content data and distributes the related produced key file to the data processing apparatus, the data providing apparatus distributes a content file storing the content data encrypted by using the content key data to the data processing apparatus, and the data processing apparatus decrypts the content key data and the usage control policy data stored in the distributed key file and determines the handling of the content data stored in the distributed content file based on the related decrypted usage control policy data.

[0042] The mode of operation of the data providing system of the fifth aspect of the present invention becomes as follows.

[0043] In the management apparatus, the key file storing the encrypted content key data and the encrypted usage control policy data indicating the handling of the content data is produced.

[0044] The related produced key file is distributed from the management apparatus to the data processing apparatus.

[0045] Also, the content file storing the content data encrypted by using the content key data is distributed from the data providing apparatus to the data processing apparatus.

[0046] Then, in the data processing apparatus, the content key data and the usage control policy data stored in the distributed key file are decrypted, and the handling of the content data stored in the distributed content file is determined based on the related decrypted usage control policy data.

[0047] Also, a data providing system of a sixth aspect of the present invention is a data providing system for distributing content data from a data providing apparatus to a data processing apparatus and managing the data providing apparatus and the data processing apparatus by a management apparatus, wherein the management apparatus produces a key file storing encrypted content key data and encrypted usage control policy data indicating handling of the content data, the data providing apparatus distributes a module storing the content data encrypted by using the content key data and the key file received from the management apparatus to the data processing apparatus, and the data processing apparatus decrypts the content key data and the usage control policy data stored in the distributed module and determines the handling of the content data based on the related decrypted usage control policy data.

[0048] The mode of operation of the data providing system of the sixth aspect of the present invention becomes as follows.

[0049] In the management apparatus, the key file storing the encrypted content key data and the encrypted usage control policy data indicating the handling of the content data is produced, and the related produced key file is sent to the data providing apparatus.

[0050] Then, the module storing the content data encrypted by using the content key data and the key file received from the management apparatus is distributed from the data providing apparatus to the data processing apparatus.

[0051] Then, in the data processing apparatus, the content key data and the usage control policy data stored in the distributed module are decrypted, and the handling of the content data is determined based on the related decrypted usage control policy data.

[0052] Also, a data providing system of a seventh aspect of the present invention is a data providing system for distributing content data from a data providing apparatus to a data processing apparatus and managing the data providing apparatus and the data processing apparatus by a management apparatus, wherein the management apparatus produces a key file storing encrypted content key data and encrypted usage control policy data indicating handling of the content data, the data providing apparatus individually distributes the content data encrypted by using the content key data and the key file received from the management apparatus to the data processing apparatus, and the data processing apparatus decrypts the content key data and the usage control policy data stored in the distributed key file and determines the handling of the distributed content data based on the related decrypted usage control policy data.

[0053] The mode of operation of the data providing system of the seventh aspect of the present invention becomes as follows.

[0054] In the management apparatus, the key file storing the encrypted content key data and the encrypted usage control policy data indicating the handling of the content data is produced, and the related produced key file is sent to the data providing apparatus.

[0055] Then, the content data encrypted by using the content key data and the key file received from the management apparatus are individually distributed from the data providing apparatus to the data processing apparatus.

[0056] Then, in the data processing apparatus, the content key data and the usage control policy data stored in the distributed key file are decrypted, and the handling of the distributed content data is determined based on the related decrypted usage control policy data.

[0057] Also, a data providing system of an eighth aspect of the present invention is a data providing system for distributing content data from a data providing apparatus to a data processing apparatus and managing the data providing apparatus and the data processing apparatus by a management apparatus, wherein the management apparatus produces a key file storing encrypted content key data and encrypted usage control policy data indicating handling of the content data and distributes the related produced key file to the data processing apparatus, the data processing apparatus distributes the content data encrypted by using the content key data to the data processing apparatus, and the data processing apparatus decrypts the content key data and the usage control policy data stored in the distributed key file and determines the handling of the distributed content data based on the related decrypted usage control policy data.

[0058] The mode of operation of the data providing system of the eighth aspect of the present invention becomes as follows.

[0059] In the management apparatus, the key file storing the encrypted content key data and the encrypted usage control policy data indicating the handling of the content data is produced, and the related produced key file is sent to the data processing apparatus.

[0060] Also, the content data encrypted by using the content key data are distributed from the data providing apparatus to the data processing apparatus.

[0061] Then, in the data processing apparatus, the content key data and the usage control policy data stored in the distributed key file are decrypted, and the handling of the distributed content data is determined based on the related decrypted usage control policy data.

[0062] Also, a data providing system of a ninth aspect of the present invention is a data providing system for distributing content data from a data providing apparatus to a data processing apparatus and managing the data providing apparatus and the data processing apparatus by a management apparatus, wherein the management apparatus produces encrypted content key data and encrypted usage control policy data indicating handling of the content data, the data providing apparatus individually distributes the content data encrypted by using the content key data, the encrypted content key data received from the management apparatus, and the encrypted usage control policy data to the data processing apparatus, and the data processing apparatus decrypts the distributed content key data and the usage control policy data and determines the handling of the content data stored in the distributed content file based on the related decrypted usage control policy data.

[0063] The mode of operation of the data providing system of the ninth aspect of the present invention becomes as follows.

[0064] In the management apparatus, the encrypted content key data and the encrypted usage control policy data indicating the handling of the content data are produced, and they are sent to the data providing apparatus.

[0065] Then, the content data encrypted by using the content key data and the encrypted content key data and the encrypted usage control policy data received from the management apparatus are individually distributed from the data providing apparatus to the data processing apparatus.

[0066] Then, in the data processing apparatus, the distributed content key data and the usage control policy data are decrypted, and the handling of the content data stored in the distributed content file is determined based on the related decrypted usage control policy data.

[0067] Also, a data providing system of a 10th aspect of the present invention is a data providing system for distributing content data from a data providing apparatus to a data processing apparatus and managing the data providing apparatus and the data processing apparatus by a management apparatus, wherein the management apparatus produces encrypted content key data and encrypted usage control policy data indicating handling of the content data and distributes the same to the data processing apparatus, the data providing apparatus distributes the content data encrypted by using the content key data to the data processing apparatus, and the data processing apparatus decrypts the distributed content key data and the usage control policy data and determines the handling of the distributed content data based on the related decrypted usage control policy data.

[0068] The mode of operation of the data providing system of the 10th aspect of the present invention becomes as follows.

[0069] In the management apparatus, the encrypted content key data and the encrypted usage control policy data indicating the handling of the content data are produced, and they are sent to the data processing apparatus.

[0070] Also, the content data encrypted by using the content key data are distributed from the data providing apparatus to the data processing apparatus.

[0071] Then, in the data processing apparatus, the distributed content key data and the usage control policy data are decrypted, and the handling of the distributed content data is determined based on the related decrypted usage control policy data.

[0072] Also, a data providing system of an 11th aspect of the present invention is a data providing system having a data providing apparatus, a data distribution apparatus, a data processing apparatus, and a management apparatus, wherein the management apparatus produces a key file storing encrypted content key data and encrypted usage control policy data indicating the handling of the content data, the data providing apparatus provides the content data encrypted by using the content key data, the data distribution apparatus distributes the provided content data to the data processing apparatus, and the data processing apparatus decrypts the content key data and the usage control policy data stored in the key file and determines the handling of the distributed content data based on the related decrypted usage control policy data.

[0073] The mode of operation of the data providing system of the 11th aspect of the present invention becomes as follows.

[0074] In the management apparatus, the key file storing the encrypted content key data and the encrypted usage control policy data indicating the handling of the content data is produced.

[0075] Then, the content data encrypted by using the content key data is provided from the data providing apparatus to the data distribution apparatus.

[0076] Then, the provided content data is distributed from the data distribution apparatus to the data processing apparatus.

[0077] Then, in the data processing apparatus, the content key data and the usage control policy data stored in the key file are decrypted, and the handling of the distributed content data is determined based on the related decrypted usage control policy data.

[0078] Also, a data providing system of a 12th aspect of the present invention is a data providing system for providing content data from a data providing apparatus to a data distribution apparatus, distributing the content data from the data distribution apparatus to a data processing apparatus, and managing the data providing apparatus, the data distribution apparatus, and the data processing apparatus by a management apparatus, wherein the management apparatus produces a key file storing encrypted content key data and encrypted usage control policy data indicating the handling of the content data, the data providing apparatus provides a first module storing a content file storing the content data encrypted by using the content key data and the key file received from the management apparatus to the data distribution apparatus, the data distribution apparatus distributes a second module storing the provided content file and the key file to the data processing apparatus, and the data processing apparatus decrypts the content key data and the usage control policy data stored in the distributed second module and determines the handling of the content data stored in the distributed second module based on the related decrypted usage control policy data.

[0079] The mode of operation of the data providing system of the 12th aspect of the present invention becomes as follows.

[0080] In the management apparatus, the key file storing the encrypted content key data and the encrypted usage control policy data indicating the handling of the content data is produced, and the related produced key file is sent to the data providing apparatus.

[0081] Then, the first module storing the content file storing the content data encrypted by using the content key data and the key file received from the management apparatus is provided from the data providing apparatus to the data distribution apparatus.

[0082] Then, the second module storing the provided content file and the key file is distributed from the data distribution apparatus to the data processing apparatus.

[0083] Then, in the data processing apparatus, the content key data and the usage control policy data stored in the distributed second module are decrypted, and the handling of the content data stored in the distributed second module is determined based on the related decrypted usage control policy data.

[0084] Also, a data providing system of a 13th aspect of the present invention is a data providing system for providing content data from a data providing apparatus to a data distribution apparatus, distributing the content data from the data distribution apparatus to a data processing apparatus, and managing the data providing apparatus, the data distribution apparatus, and the data processing apparatus by a management apparatus, wherein the management apparatus produces a key file storing encrypted content key data and encrypted usage control policy data indicating the handling of the content data, the data providing apparatus provides a first module storing a content file containing the content data encrypted by using the content key data and a key file received from the management apparatus to the data distribution apparatus, the data distribution apparatus distributes a second module storing the provided content file to the data processing apparatus, and the data processing apparatus decrypts the content key data and the usage control policy data stored in the distributed second module and determines the handling of the content data stored in the distributed second module based on the related decrypted usage control policy data.

[0085] Also, a data providing system of a 14th aspect of the present invention is a data providing system for providing content data from a data providing apparatus to a data distribution apparatus, distributing the content data from the data distribution apparatus to a data processing apparatus, and managing the data providing apparatus, the data distribution apparatus, and the data processing apparatus by a management apparatus, wherein the management apparatus produces a key file storing encrypted content key data and encrypted usage control policy data indicating the handling of the content data, the data providing apparatus individually distributes a content file storing the content data encrypted by using the content key data and the key file received from the management apparatus to the data distribution apparatus, the data distribution apparatus individually distributes the distributed content file and key file to the data processing apparatus, and the data processing apparatus decrypts the content key data and the usage control policy data stored in the distributed key file and determines the handling of the content data stored in the distributed content file based on the related decrypted usage control policy data.

[0086] Also, a data providing system of a 15th aspect
of the present invention is a data providing system for 
distributing content data from a data providing appara- 
tus to a data processing apparatus and managing the 
data providing apparatus and the data processing ap- 
paratus by a management apparatus, wherein the man- 
agement apparatus produces a key file storing encrypt- 
ed content key data and encrypted usage control policy 
data indicating the handling of the content data and dis- 
tributes the related produced key file to the data 
processing apparatus, the data providing apparatus 
provides a content file storing the content data encrypt- 
ed by using the content key data to the data distribution 
apparatus, the data distribution apparatus distributes 
the provided content file to the data processing appara- 
tus, and the data processing apparatus decrypts the 
content key data and the usage control policy data 
stored in the distributed key file and determines the han- 
dling of the content data stored in the distributed content 
file based on the related decrypted usage control policy
data.

[0087] Also, a data providing system of a 16th aspect
of the present invention is a data providing system for
providing content data from a data providing apparatus
to a data distribution apparatus, distributing the content
data from the data distribution apparatus to a data
processing apparatus, and managing the data providing
apparatus, the data distribution apparatus, and the data
processing apparatus by a management apparatus,
wherein the management apparatus produces a key file
storing encrypted content key data and encrypted usage
control policy data indicating the handling of the content
data, the data providing apparatus provides a first module
storing the content data encrypted by using the content
key data and the key file received from the management
apparatus to the data distribution apparatus, the
data distribution apparatus distributes a second module
storing the provided content data and the key file to the
data processing apparatus, and the data processing
apparatus decrypts the content key data and the usage
control policy data stored in the distributed second module
and determines the handling of the content data
stored in the distributed second module based on the
related decrypted usage control policy data.

[0088] Also, a data providing system of a 17th aspect
of the present invention is a data providing system for
providing content data from a data providing apparatus
to a data distribution apparatus, distributing the content
data from the data distribution apparatus to a data
processing apparatus, and managing the data providing
apparatus, the data distribution apparatus, and the data
processing apparatus by a management apparatus,
wherein the management apparatus produces a key file
storing encrypted content key data and encrypted usage
control policy data indicating the handling of the content
data, the data providing apparatus individually distributes
the content data encrypted by using the content key
data and the key file received from the management
apparatus to the data distribution apparatus, the data
distribution apparatus individually distributes the distributed
content data and the key file to the data distribution
apparatus, and the data processing apparatus decrypts
the content key data and the usage control policy data
stored in the distributed key file and determines the
handling of the distributed content data based on the related
decrypted usage control policy data.
[0089] Also, a data providing system of an 18th aspect
of the present invention is a data providing system for
distributing content data from a data providing apparatus
to a data processing apparatus and managing the
data providing apparatus and the data processing
apparatus by a management apparatus, wherein the
management apparatus produces a key file storing encrypted
content key data and encrypted usage control policy
data indicating the handling of the content data and
distributes the related produced key file to the data
processing apparatus, the data processing apparatus
provides the content data encrypted by using the content
key data to the data distribution apparatus, the data
distribution apparatus distributes the provided content
data to the data processing apparatus, and the data
processing apparatus decrypts the content key data and
the usage control policy data stored in the distributed
key file and determines the handling of the distributed
content data based on the related decrypted usage
control policy data.

[0090] Also, a data providing system of a 19th aspect
of the present invention is a data providing system for 
providing content data from a data providing apparatus 
to a data distribution apparatus, distributing the content 
data from the data distribution apparatus to a data 
processing apparatus, and managing the data providing 
apparatus, the data distribution apparatus, and the data 
processing apparatus by a management apparatus, 
wherein the management apparatus provides encrypt- 
ed content key data and encrypted usage control policy 
data indicating the handling of the content data to the 
data providing apparatus, the data providing apparatus 
individually distributes the content data encrypted by us- 
ing the content key data and the encrypted content key 
data and the encrypted usage control policy data re- 
ceived from the management apparatus to the data dis- 
tribution apparatus, the data distribution apparatus indi- 
vidually distributes the distributed content data, the en- 
crypted content key data, and the encrypted usage con- 
trol policy data to the data distribution apparatus, and 
the data processing apparatus decrypts the distributed 
content key data and the usage control policy data and 
determines the handling of the distributed content data 
based on the related decrypted usage control policy da- 
ta. 

[0091] Also, a data providing system of a 20th aspect 
of the present invention is a data providing system for 
providing content data from a data providing apparatus 
to a data distribution apparatus, distributing the content 
data from the data distribution apparatus to a data 
processing apparatus, and managing the data providing 
apparatus, the data distribution apparatus, and the data 
processing apparatus by a management apparatus, 
wherein the management apparatus provides encrypt- 
ed content key data and encrypted usage control policy 
data indicating the handling of the content data to the 
data processing apparatus, the data providing appara- 
tus provides the content data encrypted by using the 
content key data to the data distribution apparatus, the 
data distribution apparatus distributes the provided con- 
tent data to the data processing apparatus, and the data 
processing apparatus decrypts the distributed content
key data and the usage control policy data and determines
the handling of the distributed content data
based on the related decrypted usage control policy da- 
ta. 

[0092] Also, a data providing system of a 21st aspect
of the present invention is a data providing system having
a data providing apparatus, a data distribution apparatus,
a management apparatus, and a data processing
apparatus, wherein the data providing apparatus
provides master source data of content to the management
apparatus, the management apparatus manages
the data providing apparatus, the data distribution
apparatus, and the data processing apparatus, encrypts
the provided master source data by using content key
data to produce content data, produces a content file
storing the related content data, produces a key file storing
the encrypted content key data and encrypted usage
control policy data indicating the handling of the content
data, and provides the content file and the key file to the
data distribution apparatus, the data distribution apparatus
distributes the provided content file and the key
file to the data processing apparatus, and the data
processing apparatus decrypts the content key data and
the usage control policy data stored in the distributed
key file and determines the handling of the content data
stored in the distributed content file based on the related
decrypted usage control policy data.

[0093] Also, a data providing system of a 22nd aspect
of the present invention is a data providing system having
a data providing apparatus, a data distribution apparatus,
a management apparatus, and a data processing
apparatus, wherein the data providing apparatus
provides master source data of content to the management
apparatus, the management apparatus manages
the data providing apparatus, the data distribution
apparatus, and the data processing apparatus, encrypts
the provided master source data by using content key
data to produce content data, produces a content file
storing the related content data, produces a key file storing
the encrypted content key data and encrypted usage
control policy data indicating the handling of the content
data, and provides the content file to the data distribution
apparatus, provides the key file to the data processing
apparatus, the data distribution apparatus distributes
the provided content file to the data processing apparatus,
and the data processing apparatus decrypts the
content key data and the usage control policy data
stored in the distributed key file and determines the
handling of the content data stored in the distributed content
file based on the related decrypted usage control policy
data.

[0094] Also, a data providing system of a 23rd aspect
of the present invention is a data providing system having
a data providing apparatus, a data distribution apparatus,
a management apparatus, and a data processing
apparatus, wherein the data providing apparatus
provides a content file storing encrypted content data
using content key data to the management apparatus,
the management apparatus manages the data providing
apparatus, the data distribution apparatus, and the
data processing apparatus, produces a key file storing
the encrypted content key data and encrypted usage
control policy data indicating the handling of the content
data, and provides the content file provided from the data
providing apparatus and the produced key file to the
data distribution apparatus, the data distribution apparatus
distributes the provided content file and the key
file to the data processing apparatus, and the data
processing apparatus decrypts the content key data and
the usage control policy data stored in the distributed
key file and determines the handling of the content data
stored in the distributed content file based on the related
decrypted usage control policy data.
[0095] Also, a data providing system of a 24th aspect
of the present invention is a data providing system having
a data providing apparatus, a data distribution apparatus,
a management apparatus, and a data processing
apparatus, wherein the data providing apparatus
provides a content file storing encrypted content data
using content key data to the management apparatus,
the management apparatus manages the data providing
apparatus, the data distribution apparatus, and the
data processing apparatus, produces a key file storing
the encrypted content key data and encrypted usage
control policy data indicating the handling of the content
data, provides the content file provided from the data
providing apparatus to the data distribution apparatus,
and provides the produced key file to the data processing
apparatus, the data distribution apparatus distributes
the provided content file to the data processing apparatus,
and the data processing apparatus decrypts
the content key data and the usage control policy data
stored in the provided key file and determines the
handling of the content data stored in the distributed content
file based on the related decrypted usage control policy
data.

[0096] Also, a data providing system of a 25th aspect 
of the present invention is a data providing system hav- 
ing a data providing apparatus, a data distribution ap- 
paratus, a management apparatus, a database device, 
and a data processing apparatus, wherein the data pro- 
viding apparatus encrypts content data by using content 
key data, produces a content file storing the related en- 
crypted content data, and stores the related produced 
content file and a key file provided from the manage- 
ment apparatus in the database device, the manage- 
ment apparatus produces the key file storing the en- 
crypted content key data and encrypted usage control 
policy data indicating the handling of the content data, 
and provides the related produced key file to the data 
providing apparatus, the data distribution apparatus dis- 
tributes the content file and key file obtained from the 
database device to the data processing apparatus, and 
the data processing apparatus decrypts the content key 
data and the usage control policy data stored in the dis- 
tributed key file and determines the handling of the con- 
tent data stored in the distributed content file based on 
the related decrypted usage control policy data. 
[0097] Also, a data providing system of a 26th aspect
of the present invention is a data providing system having
a data providing apparatus, a data distribution apparatus,
a management apparatus, a database device,
and a data processing apparatus, wherein the data providing
apparatus encrypts content data by using content
key data, produces a content file storing the related
encrypted content data, and stores the related produced
content file in the database device, the management
apparatus produces the key file storing the encrypted content
key data and encrypted usage control policy data
indicating the handling of the content data and provides
the related produced key file to the data distribution
apparatus, the data distribution apparatus distributes the
content file obtained from the database device and the
key file provided from the data distribution apparatus to
the data processing apparatus, and the data processing
apparatus decrypts the content key data and the usage
control policy data stored in the distributed key file and
determines the handling of the content data stored in
the distributed content file based on the related decrypted
usage control policy data.

[0098] Also, a data providing system of a 27th aspect
of the present invention is a data providing system having
a data providing apparatus, a data distribution apparatus,
a management apparatus, a database device,
and a data processing apparatus, wherein the data providing
apparatus encrypts content data by using content
key data, produces a content file storing the related
encrypted content data, and stores the related produced
content file in the database device, the management
apparatus produces the key file storing the encrypted content
key data and encrypted usage control policy data
indicating the handling of the content data and provides
the related produced key file to the data processing
apparatus, the data distribution apparatus distributes the
content file obtained from the database device and the
key file provided from the data distribution apparatus to
the data processing apparatus, and the data processing
apparatus decrypts the content key data and the usage
control policy data stored in the provided key file and
determines the handling of the content data stored in
the distributed content file based on the related decrypted
usage control policy data.

[0099] Also, a data providing system of a 28th aspect
of the present invention is a data providing system having
a plurality of data providing apparatuses, a data distribution
apparatus, a plurality of management apparatuses,
a database device, and a data processing apparatus,
wherein the data providing apparatuses encrypt
content data by using content key data, produce content
files storing the related encrypted content data, and
store the related produced content files and key files
provided from corresponding management apparatuses
in the database device, the management apparatuses
produce key files storing the encrypted content key
data and the encrypted usage control policy data indicating
the handling of the content data for the content
data provided by corresponding data providing apparatuses,
and provide the related produced key files to
corresponding data providing apparatuses, the data distribution
apparatus distributes the content files and key
files obtained from the database device to the data
processing apparatus, and the data processing apparatus
decrypts the content key data and the usage control
policy data stored in the distributed key files and determines
the handling of the content data stored in the distributed
content files based on the related decrypted usage
control policy data.

[0100] Also, a data providing system of a 29th aspect
of the present invention is a data providing system hav- 
ing a plurality of data providing apparatuses, a data dis- 
tribution apparatus, a plurality of management appara- 
tuses, a database device, and a data processing appa- 
ratus, wherein the data providing apparatuses encrypt 
content data by using content key data, produce content 
files storing the related encrypted content data, and 
store the related produced content files in the database 
device, the management apparatuses produce key files 
storing the encrypted content key data and the encrypt- 
ed usage control policy data indicating the handling of 
the content data for the content data provided by corre- 
sponding data providing apparatuses, and provide the 
related produced key files to the data distribution apparatus,
the data distribution apparatus distributes the
content files obtained from the database device and the 
key files provided from the management apparatus to 
the data processing apparatus, and the data processing 
apparatus decrypts the content key data and the usage 
control policy data stored in the distributed key files and 
determines the handling of the content data stored in 
the distributed content files based on the related
decrypted usage control policy data.
[0101] Also, a data providing system of a 30th aspect 
of the present invention is a data providing system hav- 
ing a plurality of data providing apparatuses, a data dis- 
tribution apparatus, a plurality of management appara- 
tuses, a database device, and a data processing appa- 
ratus, wherein the data providing apparatuses encrypt 
content data by using content key data, produce content 
files storing the related encrypted content data, and 
store the related produced content files in the database 
device, the management apparatuses produce key files 
storing the encrypted content key data and the encrypt- 
ed usage control policy data indicating the handling of 
the content data for the content data provided by corre- 
sponding data providing apparatuses, and provide the 
related produced key files to the data processing appa- 
ratus, the data distribution apparatus distributes the 
content files obtained from the database device to the 
data processing apparatus, and the data processing ap- 
paratus decrypts the content key data and the usage 
control policy data stored in the distributed key files and 
determines the handling of the content data stored in 
the distributed content files based on the related de- 
crypted usage control policy data. 
[0102] Also, a data providing system of a 31st aspect
of the present invention is a data providing system having
a plurality of data providing apparatuses, a data distribution
apparatus, a plurality of management apparatuses,
a database device, and a data processing apparatus,
wherein the data providing apparatuses provide
master sources of content data to corresponding management
apparatuses and store content files and key
files received from the related management apparatuses
in the database, the management apparatuses encrypt
the master sources received from corresponding
data providing apparatuses by using content key data,
produce the content files storing the related encrypted
content data, produce key files storing the encrypted
content key data and encrypted usage control policy data
indicating the handling of the content data for the content
data provided by corresponding data providing apparatuses,
and send the produced content files and the
produced key files to corresponding data providing apparatuses,
the data distribution apparatus distributes
the content files and key files obtained from the database
device to the data processing apparatus, and the
data processing apparatus decrypts the content key data
and the usage control policy data stored in the distributed
key files and determines the handling of the content
data stored in the distributed content files based on
the related decrypted usage control policy data.
[0103] Also, a data providing system of a 32nd aspect
of the present invention is a data providing system having
a plurality of data providing apparatuses, a data distribution
apparatus, a plurality of management apparatuses,
a database device, and a data processing apparatus,
wherein the data providing apparatuses provide
master sources of content data to corresponding management
apparatuses, and store content files received
from the related management apparatuses in the database,
the management apparatuses encrypt the master
sources received from corresponding data providing apparatuses
by using content key data, produce the content
files storing the related encrypted content data,
send the related produced content files to the data providing
apparatuses, produce key files storing the encrypted
content key data and encrypted usage control
policy data indicating the handling of the content data
for the content data provided by corresponding data providing
apparatuses, and send the produced key files to
corresponding data distribution apparatus, the data distribution
apparatus distributes the content files obtained
from the database device and the key files provided from
the management apparatuses to the data processing
apparatus, and the data processing apparatus decrypts
the content key data and the usage control policy data
stored in the distributed key files and determines the
handling of the content data stored in the distributed
content files based on the related decrypted usage control
policy data.

[0104] Also, a data providing system of a 33rd aspect 
of the present invention is a data providing system having
a plurality of data providing apparatuses, a data distribution
apparatus, a plurality of management apparatuses,
a database device, and a data processing apparatus,
wherein the data providing apparatuses provide
master sources of content data to corresponding man- 
agement apparatuses and store content files received 
from the related management apparatuses in the database,
the management apparatuses encrypt the master
sources received from corresponding data providing ap- 
paratuses by using content key data, produce the con- 
tent files storing the related encrypted content data, 
send the related produced content files to the data pro- 
viding apparatuses, produce key files storing the en- 
crypted content key data and encrypted usage control 
policy data indicating the handling of the content data 
for the content data provided by corresponding data pro- 
viding apparatuses, and send the produced key files to 
the data processing apparatus, the data distribution ap- 
paratus distributes the content files obtained from the 
database device and the key files provided from the 
management apparatuses to the data processing appa- 
ratus, and the data processing apparatus decrypts the 
content key data and the usage control policy data 
stored in the provided key files and determines the han- 
dling of the content data stored in the distributed content 
files based on the related decrypted usage control policy 
data. 

[0105] Also, a data providing method of a first aspect 
of the present invention is a data providing method for 
distributing content data from a data providing appara- 
tus to a data processing apparatus and managing the 
data providing apparatus and the data processing ap- 
paratus by a management apparatus, wherein the man- 
agement apparatus produces a key file storing encrypt- 
ed content key data and encrypted usage control policy 
data indicating the handling of the content data, the data 
providing apparatus provides the content data encrypt- 
ed by using the content key data, and the data process- 
ing apparatus decrypts the content key data and the us- 
age control policy data stored in the key file and deter- 
mines the handling of the content data based on the re- 
lated decrypted usage control policy data. 
[0106] Also, a data providing method of a second as- 
pect of the present invention is a data providing method 
for distributing content data from a data providing appa- 
ratus to a data processing apparatus and managing the 
data providing apparatus and the data processing ap- 
paratus by a management apparatus, comprising the 
steps of, in the management apparatus, preparing a key 
file storing encrypted content key data and encrypted 
usage control policy data indicating the handling of the 
content data, distributing the produced key file from the 
management apparatus to the data providing appara- 
tus, distributing a module storing a content file storing 
the content data encrypted by using the content key data 
and the key file distributed from the management appa- 
ratus from the data providing apparatus to the data 
processing apparatus, and in the data processing appa- 
ratus, decrypting the content key data and the usage 
control policy data stored in the distributed module and 
determining the handling of the content data based on 
the related decrypted usage control policy data. 
[0107] Also, a data providing method of a third aspect
of the present invention is a data providing method for
distributing content data from a data providing apparatus
to a data processing apparatus and managing the
data providing apparatus and the data processing apparatus
by a management apparatus, comprising the
steps of, in the management apparatus, preparing a key
file storing encrypted content key data and encrypted
usage control policy data indicating the handling of the
content data, in the data providing apparatus, distributing
a module storing a content file containing the content
data encrypted by using the content key data and the
key file received from the management apparatus to the
data processing apparatus, and in the data processing
apparatus, decrypting the content key data and the usage
control policy data stored in the distributed module
and determining the handling of the content data based
on the related decrypted usage control policy data.
[0108] Also, a data providing method of a fourth aspect
of the present invention is a data providing method
for distributing content data from a data providing apparatus
to a data processing apparatus and managing the
data providing apparatus and the data processing apparatus
by a management apparatus, comprising the
steps of, in the management apparatus, preparing a key
file storing encrypted content key data and encrypted
usage control policy data indicating the handling of the
content data, distributing the related key file from the
management apparatus to the data providing apparatus,
individually distributing a content file storing the
content data encrypted by using the content key data
and the key file received from the management apparatus
from the data providing apparatus to the data
processing apparatus, and in the data processing apparatus,
decrypting the content key data and the usage
control policy data stored in the distributed key file and
determining the handling of the content data stored in
the distributed content file based on the related decrypted
usage control policy data.

[0109] Also, a data providing method of a fifth aspect
of the present invention is a data providing method for
distributing content data from a data providing apparatus
to a data processing apparatus and managing the
data providing apparatus and the data processing apparatus
by a management apparatus, comprising the
steps of, in the management apparatus, preparing a key
file storing encrypted content key data and encrypted
usage control policy data indicating the handling of the
content data, distributing the related key file from the
management apparatus to the data processing apparatus,
distributing a content file storing the content data
encrypted by using the content key data from the data
providing apparatus to the data processing apparatus,
and in the data processing apparatus, decrypting the
content key data and the usage control policy data
stored in the distributed key file and determining the
handling of the content data stored in the distributed
content file based on the related decrypted usage control
policy data.
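
The fifth method aspect above, worked through as an added example that is not part of the original specification: the management apparatus seals the content key and the usage control policy into a key file under the distribution key, the data providing apparatus seals the content under the content key, and the data processing apparatus opens the key file and determines the handling. The HMAC-SHA256 stream-and-tag construction (a stand-in for whatever cipher an implementation uses), the dictionary layout, the `permitted` policy field, the binding of each blob to a content ID and all function names are assumptions of this example.

```python
import hashlib
import hmac
import json
import os

NONCE_LEN, TAG_LEN = 16, 32


def _subkey(key, label):
    # Separate encryption and authentication keys derived from one key.
    return hmac.new(key, label, hashlib.sha256).digest()


def _xor_stream(key, nonce, data):
    # HMAC-SHA256 in counter mode used as a keystream (assumed stand-in cipher).
    stream, counter = b"", 0
    while len(stream) < len(data):
        block = nonce + counter.to_bytes(8, "big")
        stream += hmac.new(key, block, hashlib.sha256).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))


def _tag(key, bound_to, nonce, ct):
    # The tag covers the content ID, so a blob cannot be re-used for other content.
    msg = len(bound_to).to_bytes(4, "big") + bound_to + nonce + ct
    return hmac.new(_subkey(key, b"mac"), msg, hashlib.sha256).digest()


def seal(key, plaintext, bound_to):
    nonce = os.urandom(NONCE_LEN)
    ct = _xor_stream(_subkey(key, b"enc"), nonce, plaintext)
    return nonce + ct + _tag(key, bound_to, nonce, ct)


def unseal(key, blob, bound_to):
    if len(blob) < NONCE_LEN + TAG_LEN:
        raise ValueError("blob too short")
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    if not hmac.compare_digest(tag, _tag(key, bound_to, nonce, ct)):
        raise ValueError("authentication failed")
    return _xor_stream(_subkey(key, b"enc"), nonce, ct)


def management_make_key_file(distribution_key, content_id, content_key, policy):
    # Key file: encrypted content key data plus encrypted usage control policy data.
    cid = content_id.encode()
    policy_bytes = json.dumps(policy, sort_keys=True).encode()
    return {
        "content_id": content_id,
        "enc_content_key": seal(distribution_key, content_key, cid).hex(),
        "enc_policy": seal(distribution_key, policy_bytes, cid).hex(),
    }


def provider_make_content_file(content_id, content_key, content):
    # Content file: content data encrypted by using the content key data.
    return {
        "content_id": content_id,
        "enc_content": seal(content_key, content, content_id.encode()).hex(),
    }


def processing_apparatus_handle(distribution_key, key_file, content_file, requested):
    # The two files arrive over different routes, so check they belong together.
    if key_file["content_id"] != content_file["content_id"]:
        raise ValueError("key file and content file do not match")
    cid = key_file["content_id"].encode()
    content_key = unseal(distribution_key, bytes.fromhex(key_file["enc_content_key"]), cid)
    policy = json.loads(unseal(distribution_key, bytes.fromhex(key_file["enc_policy"]), cid).decode())
    if requested not in policy.get("permitted", []):
        return None  # handling not allowed by the usage control policy
    return unseal(content_key, bytes.fromhex(content_file["enc_content"]), cid)


def run_demo():
    distribution_key, content_key = os.urandom(32), os.urandom(32)
    content = b"constructed sample content"
    key_file = management_make_key_file(
        distribution_key, "C-0001", content_key, {"permitted": ["play"]})
    content_file = provider_make_content_file("C-0001", content_key, content)
    played = processing_apparatus_handle(distribution_key, key_file, content_file, "play")
    copied = processing_apparatus_handle(distribution_key, key_file, content_file, "copy")
    other = management_make_key_file(
        distribution_key, "C-0002", os.urandom(32), {"permitted": ["play", "copy"]})
    try:
        processing_apparatus_handle(distribution_key, other, content_file, "copy")
        mismatch_refused = False
    except ValueError:
        mismatch_refused = True
    return played, copied, mismatch_refused


if __name__ == "__main__":
    print(run_demo())
```

Only the data processing apparatus needs the distribution key; whatever carries the content file between the provider and the processing apparatus handles ciphertext only.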

[0110] Also, a data providing method of a sixth aspect 
of the present invention is a data providing method for
distributing content data from a data providing appara- 
tus to a data processing apparatus and managing the 
data providing apparatus and the data processing ap- 
paratus by a management apparatus, comprising the 
steps of, in the management apparatus, preparing a key 
file storing encrypted content key data and encrypted 
usage control policy data indicating the handling of the 
content data, in the data providing apparatus, distribut- 
ing a module storing the content data encrypted by using 
the content key data and the key file received from the 
management apparatus to the data processing appara- 
tus, and in the data processing apparatus, decrypting 
the content key data and the usage control policy data 
stored in the distributed module and determining the 
handling of the content data based on the related de- 
crypted usage control policy data. 

[0111] Also, a data providing method of a seventh aspect
of the present invention is a data providing method
for distributing content data from a data providing appa- 
ratus to a data processing apparatus and managing the 
data providing apparatus and the data processing ap- 
paratus by a management apparatus, comprising the 
steps of, in the management apparatus, preparing a key 
file storing encrypted content key data and encrypted 
usage control policy data indicating the handling of the 
content data, in the data providing apparatus, individu- 
ally distributing the content data encrypted by using the 
content key data and the key file received from the man- 
agement apparatus to the data processing apparatus, 
and in the data processing apparatus, decrypting the 
content key data and the usage control policy data 
stored in the distributed key file and determining the 
handling of the distributed content data based on the 
related decrypted usage control policy data. 
[0112] Also, a data providing method of an eighth as- 
pect of the present invention is a data providing method 
for distributing content data from a data providing appa- 
ratus to a data processing apparatus and managing the 
data providing apparatus and the data processing ap- 
paratus by a management apparatus, comprising the 
steps of, in the management apparatus, preparing a key 
file storing encrypted content key data and encrypted 
usage control policy data indicating the handling of the 
content data, distributing the related produced key file 
to the data processing apparatus, in the data providing 
apparatus, distributing the content data encrypted by 
using the content key data to the data processing appa- 
ratus, and in the data processing apparatus, decrypting 
the content key data and the usage control policy data 
stored in the distributed key file and determining the 
handling of the distributed content data based on the 
related decrypted usage control policy data. 

[0113] Also, a data providing method of a ninth aspect of the
present invention is a data providing method for distributing
content data from a data providing apparatus to a data processing
apparatus and managing the data providing apparatus and the data
processing apparatus by a management apparatus, comprising the
steps of, in the management apparatus, preparing encrypted
content key data and encrypted usage control policy data
indicating the handling of the content data, in the data
providing apparatus, individually distributing the content data
encrypted by using the content key data and the encrypted content
key data and the encrypted usage control policy data received
from the management apparatus to the data processing apparatus,
and in the data processing apparatus, decrypting the distributed
content key data and the usage control policy data and
determining the handling of the content data stored in the
distributed content file based on the related decrypted usage
control policy data.

[0114] Also, a data providing method of a 10th aspect of the
present invention is a data providing method for distributing
content data from a data providing apparatus to a data processing
apparatus and managing the data providing apparatus and the data
processing apparatus by a management apparatus, comprising the
steps of, in the management apparatus, preparing encrypted
content key data and encrypted usage control policy data
indicating the handling of the content data and distributing the
same to the data processing apparatus, in the data providing
apparatus, distributing the content data encrypted by using the
content key data to the data processing apparatus, and in the
data processing apparatus, decrypting the distributed content key
data and the usage control policy data and determining the
handling of the distributed content data based on the related
decrypted usage control policy data.

[0115] Also, a data providing method of an 11th aspect of the
present invention is a data providing method using a data
providing apparatus, a data distribution apparatus, a data
processing apparatus, and a management apparatus, comprising the
steps of, in the management apparatus, preparing a key file
storing encrypted content key data and encrypted usage control
policy data indicating the handling of the content data,
providing the content data encrypted by using the content key
data from the data providing apparatus to the data distribution
apparatus, in the data distribution apparatus, distributing the
provided content data to the data processing apparatus, and in
the data processing apparatus, decrypting the content key data
and the usage control policy data stored in the key file and
determining the handling of the distributed content data based on
the related decrypted usage control policy data.

[0116] Also, a data providing method of a 12th aspect of the
present invention is a data providing method for providing
content data from a data providing apparatus to a data
distribution apparatus, distributing the content data from the
data distribution apparatus to a data processing apparatus, and
managing the data providing apparatus, the data distribution
apparatus, and the data processing apparatus by a management
apparatus, comprising the steps of, in the management apparatus,
preparing a key file storing encrypted content key data and
encrypted usage control policy data indicating the handling of
the content data, distributing the related produced key file from
the management apparatus to the data providing apparatus,
providing a first module storing a content file storing the
content data encrypted by using the content key data and the key
file received from the management apparatus from the data
providing apparatus to the data distribution apparatus, and
distributing a second module storing the provided content file
and the key file from the data distribution apparatus to the data
processing apparatus, and in the data processing apparatus,
decrypting the content key data and the usage control policy data
stored in the distributed second module and determining the
handling of the content data stored in the distributed second
module based on the related decrypted usage control policy data.

[0117] Also, a data providing method of a 13th aspect
of the present invention is a data providing method for 
providing content data from a data providing apparatus 
to a data distribution apparatus, distributing the content 
data from the data distribution apparatus to a data 
processing apparatus, and managing the data providing 
apparatus, the data distribution apparatus, and the data 
processing apparatus by a management apparatus, 
comprising the steps of, in the management apparatus, 
preparing a key file storing encrypted content key data 
and encrypted usage control policy data indicating the 
handling of the content data, in the data providing ap- 
paratus, providing a first module storing a content file 
containing the content data encrypted by using the con- 
tent key data and a key file received from the manage- 
ment apparatus to the data distribution apparatus, in the 
data distribution apparatus, distributing a second mod- 
ule storing the provided content file to the data process- 
ing apparatus, and in the data processing apparatus, 
decrypting the content key data and the usage control 
policy data stored in the distributed second module and 
determining the handling of the content data stored in 
the distributed second module based on the related de- 
crypted usage control policy data. 

[0118] Also, a data providing method of a 14th aspect of the
present invention is a data providing method for providing
content data from a data providing apparatus to a data
distribution apparatus, distributing the content data from the
data distribution apparatus to a data processing apparatus, and
managing the data providing apparatus, the data distribution
apparatus, and the data processing apparatus by a management
apparatus, comprising the steps of, in the management apparatus,
preparing a key file storing encrypted content key data and
encrypted usage control policy data indicating the handling of
the content data, distributing the produced key file from the
management apparatus to the data providing apparatus,
individually distributing a content file storing the content data
encrypted by using the content key data and the key file received
from the management apparatus from the data providing apparatus
to the data distribution apparatus, individually distributing the
distributed content file and the key file from the data
distribution apparatus to the data distribution apparatus, and in
the data processing apparatus, decrypting the content key data
and the usage control policy data stored in the distributed key
file and determining the handling of the content data stored in
the distributed content file based on the related decrypted usage
control policy data.

[0119] Also, a data providing method of a 15th aspect of the
present invention is a data providing method for distributing
content data from a data providing apparatus to a data processing
apparatus and managing the data providing apparatus and the data
processing apparatus by a management apparatus, comprising the
steps of, in the management apparatus, preparing a key file
storing encrypted content key data and encrypted usage control
policy data indicating the handling of the content data,
distributing the related produced key file from the management
apparatus to the data processing apparatus, providing a content
file storing the content data encrypted by using the content key
data from the data providing apparatus to the data distribution
apparatus, and distributing the provided content file from the
data distribution apparatus to the data processing apparatus, and
in the data processing apparatus, decrypting the content key data
and the usage control policy data stored in the distributed key
file and determining the handling of the content data stored in
the distributed content file based on the related decrypted usage
control policy data.

[0120] Also, a data providing method of a 16th aspect of the
present invention is a data providing method for providing
content data from a data providing apparatus to a data
distribution apparatus, distributing the content data from the
data distribution apparatus to a data processing apparatus, and
managing the data providing apparatus, the data distribution
apparatus, and the data processing apparatus by a management
apparatus, comprising the steps of, in the management apparatus,
preparing a key file storing encrypted content key data and
encrypted usage control policy data indicating the handling of
the content data, in the data providing apparatus, providing a
first module storing the content data encrypted by using the
content key data and the key file received from the management
apparatus to the data distribution apparatus, in the data
distribution apparatus, distributing a second module storing the
provided content data and the key file to the data processing
apparatus, and in the data processing apparatus, decrypting the
content key data and the usage control policy data stored in the
distributed second module and determining the handling of the
content data stored in the distributed second module based on the
related decrypted usage control policy data.

[0121] Also, a data providing method of a 17th aspect of the
present invention is a data providing method for providing
content data from a data providing apparatus to a data
distribution apparatus, distributing the content data from the
data distribution apparatus to a data processing apparatus, and
managing the data providing apparatus, the data distribution
apparatus, and the data processing apparatus by a management
apparatus, comprising the steps of, in the management apparatus,
preparing a key file storing encrypted content key data and
encrypted usage control policy data indicating the handling of
the content data, in the data providing apparatus, individually
distributing the content data encrypted by using the content key
data and the key file received from the management apparatus to
the data distribution apparatus, in the data distribution
apparatus, individually distributing the distributed content data
and the key file to the data distribution apparatus, and in the
data processing apparatus, decrypting the content key data and
the usage control policy data stored in the distributed key file
and determining the handling of the distributed content data
based on the related decrypted usage control policy data.

[0122] Also, a data providing method of an 18th as- 
pect of the present invention is a data providing method 
for distributing content data from a data providing appa- 
ratus to a data processing apparatus and managing the 
data providing apparatus and the data processing ap- 
paratus by a management apparatus, comprising the 
steps of, in the management apparatus, preparing a key 
file storing encrypted content key data and encrypted 
usage control policy data indicating the handling of the 
content data and distributing the related produced key 
file to the data processing apparatus, in the data provid- 
ing apparatus, providing the content data encrypted by 
using the content key data to the data distribution appa- 
ratus, in the data distribution apparatus, distributing the 
provided content data to the data processing apparatus, 
and in the data processing apparatus, decrypting the 
content key data and the usage control policy data 
stored in the distributed key file and determining the 
handling of the distributed content data based on the 
related decrypted usage control policy data. 

[0123] Also, a data providing method of a 19th aspect of the
present invention is a data providing method for providing
content data from a data providing apparatus to a data
distribution apparatus, distributing the content data from the
data distribution apparatus to a data processing apparatus, and
managing the data providing apparatus, the data distribution
apparatus, and the data processing apparatus by a management
apparatus, comprising the steps of, in the management apparatus,
providing encrypted content key data and encrypted usage control
policy data indicating the handling of the content data to the
data providing apparatus, in the data providing apparatus,
individually distributing the content data encrypted by using the
content key data and the encrypted content key data and the
encrypted usage control policy data which are received from the
management apparatus to the data distribution apparatus, in the
data distribution apparatus, individually distributing the
distributed content data, the encrypted content key data, and the
encrypted usage control policy data to the data distribution
apparatus, and in the data processing apparatus, decrypting the
distributed content key data and the usage control policy data
and determining the handling of the distributed content data
based on the related decrypted usage control policy data.

[0124] Also, a data providing method of a 20th aspect of the
present invention is a data providing method for providing
content data from a data providing apparatus to a data
distribution apparatus, distributing the content data from the
data distribution apparatus to a data processing apparatus, and
managing the data providing apparatus, the data distribution
apparatus, and the data processing apparatus by a management
apparatus, comprising the steps of, in the management apparatus,
distributing encrypted content key data and encrypted usage
control policy data indicating the handling of the content data
to the data processing apparatus, in the data providing
apparatus, distributing the content data encrypted by using the
content key data to the data distribution apparatus, in the data
distribution apparatus, distributing the provided content data to
the data processing apparatus, and in the data processing
apparatus, decrypting the distributed content key data and the
usage control policy data and determining the handling of the
distributed content data based on the related decrypted usage
control policy data.

[0125] Also, a data providing method of a 21st aspect of the
present invention is a data providing method using a data
providing apparatus, a data distribution apparatus, a management
apparatus, and a data processing apparatus, wherein the data
providing apparatus provides master source data of content to the
management apparatus, the management apparatus manages the data
providing apparatus, the data distribution apparatus, and the
data processing apparatus, encrypts the provided master source
data by using content key data to produce content data, produces
a content file storing the related content data, produces a key
file storing the encrypted content key data and encrypted usage
control policy data indicating the handling of the content data,
and provides the content file and the key file to the data
distribution apparatus, the data distribution apparatus
distributes the provided content file and the key file to the
data processing apparatus, and the data processing apparatus
decrypts the content key data and the usage control policy data
stored in the distributed key file and determines the handling of
the content data stored in the distributed content file based on
the related decrypted usage control policy data.

[0126] Also, a data providing method of a 22nd aspect of the
present invention is a data providing method using a data
providing apparatus, a data distribution apparatus, a management
apparatus, and a data processing apparatus, wherein the data
providing apparatus provides master source data of content to the
management apparatus, the management apparatus manages the data
providing apparatus, the data distribution apparatus, and the
data processing apparatus, encrypts the provided master source
data by using content key data to produce content data, produces
a content file storing the related content data, produces a key
file storing the encrypted content key data and encrypted usage
control policy data indicating the handling of the content data,
and provides the content file to the data distribution apparatus
and provides the key file to the data processing apparatus, the
data distribution apparatus distributes the provided content file
to the data processing apparatus, and the data processing
apparatus decrypts the content key data and the usage control
policy data stored in the provided key file and determines the
handling of the content data stored in the distributed content
file based on the related decrypted usage control policy data.

[0127] Also, a data providing method of a 23rd aspect 
of the present invention is a data providing method using 
a data providing apparatus, a data distribution appara- 
tus, a management apparatus, and a data processing 
apparatus, wherein the data providing apparatus pro- 
vides a content file storing encrypted content data using 
content key data to the management apparatus, the 
management apparatus manages the data providing 
apparatus, the data distribution apparatus, and the data 
processing apparatus, produces a key file storing the 
encrypted content key data and encrypted usage control 
policy data indicating the handling of the content data, 
provides the content file provided from the data provid- 
ing apparatus and the produced key file to the data dis- 
tribution apparatus, the data distribution apparatus dis- 
tributes the provided content file and the key file to the 
data processing apparatus, and the data processing ap- 
paratus decrypts the content key data and the usage 
control policy data stored in the distributed key file and 
determines the handling of the content data stored in 
the distributed content file based on the related decrypt- 
ed usage control policy data. 

[0128] Also, a data providing method of a 24th aspect
of the present invention is a data providing method using 
a data providing apparatus, a data distribution appara- 
tus, a management apparatus, and a data processing 
apparatus, wherein the data providing apparatus pro- 
vides a content file storing encrypted content data using 
content key data to the management apparatus, the 
management apparatus manages the data providing 
apparatus, the data distribution apparatus, and the data 
processing apparatus, produces a key file storing the 
encrypted content key data and encrypted usage control 
policy data indicating the handling of the content data, 
provides the content file provided from the data provid- 
ing apparatus to the data distribution apparatus, and 
provides the produced key file to the data processing 
apparatus, the data distribution apparatus distributes 
the provided content file to the data processing appara- 
tus, and the data processing apparatus decrypts the 
content key data and the usage control policy data 
stored in the provided key file and determines the handling
of the content data stored in the distributed content
file based on the related decrypted usage control policy
data.

[0129] Also, a data providing method of a 25th aspect of the
present invention is a data providing method using a data
providing apparatus, a data distribution apparatus, a management
apparatus, a database device, and a data processing apparatus,
wherein the data providing apparatus encrypts content data by
using content key data, produces a content file storing the
related encrypted content data, and stores the related produced
content file and a key file provided from the management
apparatus in the database device, the management apparatus
produces a key file storing the encrypted content key data and
encrypted usage control policy data indicating the handling of
the content data and provides the related produced key file to
the data providing apparatus, the data distribution apparatus
distributes the content file and key file obtained from the
database device to the data processing apparatus, and the data
processing apparatus decrypts the content key data and the usage
control policy data stored in the distributed key file and
determines the handling of the content data stored in the
distributed content file based on the related decrypted usage
control policy data.

[0130] Also, a data providing method of a 26th aspect of the
present invention is a data providing method using a data
providing apparatus, a data distribution apparatus, a management
apparatus, a database device, and a data processing apparatus,
wherein the data providing apparatus encrypts content data by
using content key data, produces a content file storing the
related encrypted content data, and stores the related produced
content file in the database device, the management apparatus
produces a key file storing the encrypted content key data and
encrypted usage control policy data indicating the handling of
the content data and provides the related produced key file to
the data distribution apparatus, the data distribution apparatus
distributes the content file obtained from the database device
and the key file provided from the data distribution apparatus to
the data processing apparatus, and the data processing apparatus
decrypts the content key data and the usage control policy data
stored in the distributed key file and determines the handling of
the content data stored in the distributed content file based on
the related decrypted usage control policy data.

[0131] Also, a data providing method of a 27th aspect of the
present invention is a data providing method using a data
providing apparatus, a data distribution apparatus, a management
apparatus, a database device, and a data processing apparatus,
wherein the data providing apparatus encrypts content data by
using content key data, produces a content file storing the
related encrypted content data, and stores the related produced
content file in the database device, the management apparatus
produces a key file storing the encrypted content key data and
encrypted usage control policy data indicating the handling of
the content data and provides the related produced key file to
the data processing apparatus, the data distribution apparatus
distributes the content file obtained from the database device
and the key file provided from the data distribution apparatus to
the data processing apparatus, and the data processing apparatus
decrypts the content key data and the usage control policy data
stored in the provided key file and determines the handling of
the content data stored in the distributed content file based on
the related decrypted usage control policy data.

[0132] Also, a data providing method of a 28th aspect
of the present invention is a data providing method using 
a plurality of data providing apparatuses, a data distri- 
bution apparatus, a plurality of management apparatus- 
es, a database device, and a data processing appara- 
tus, wherein the data providing apparatuses encrypt 
content data by using content key data, produce content 
files storing the related encrypted content data, and 
store the related produced content files and key files 
provided from corresponding management apparatus- 
es in the database device, the management apparatus- 
es produce the key files storing the encrypted content 
key data and encrypted usage control policy data indi- 
cating the handling of the content data for the content 
data provided by corresponding data providing appara- 
tuses and provide the related produced key files to cor- 
responding data providing apparatuses, the data distri- 
bution apparatus distributes the content files and key 
files obtained from the database device to the data 
processing apparatus, and the data processing appara- 
tus decrypts the content key data and the usage control 
policy data stored in the distributed key files and deter- 
mines the handling of the content data stored in the dis- 
tributed content files based on the related decrypted us- 
age control policy data. 

[0133] Also, a data providing method of a 29th aspect 
of the present invention is a data providing method using 
a plurality of data providing apparatuses, a data distri- 
bution apparatus, a plurality of management apparatus- 
es, a database device, and a data processing appara- 
tus, wherein the data providing apparatuses encrypt 
content data by using content key data, produce content 
files storing the related encrypted content data, and 
store the related produced content files in the database 
device, the management apparatuses produce the key 
files storing the encrypted content key data and encrypt- 
ed usage control policy data indicating the handling of 
the content data for the content data provided by corre- 
sponding data providing apparatuses and provide the 
related produced key files to the data distribution appa- 
ratus, the data distribution apparatus distributes the 
content files obtained from the database device and the 
key files provided from the management apparatuses to 
the data processing apparatus, and the data processing 
apparatus decrypts the content key data and the usage 
control policy data stored in the distributed key files and 
determines the handling of the content data stored in 
the distributed content files based on the related decrypted
usage control policy data.

[0134] Also, a data providing method of a 30th aspect of the
present invention is a data providing method using a plurality of
data providing apparatuses, a data distribution apparatus, a
plurality of management apparatuses, a database device, and a
data processing apparatus, wherein the data providing apparatuses
encrypt content data by using content key data, produce content
files storing the related encrypted content data, and store the
related produced content files in the database device, the
management apparatuses produce the key files storing the
encrypted content key data and encrypted usage control policy
data indicating the handling of the content data for the content
data provided by corresponding data providing apparatuses and
provide the related produced key files to the data processing
apparatus, the data distribution apparatus distributes the
content files obtained from the database device to the data
processing apparatus, and the data processing apparatus decrypts
the content key data and the usage control policy data stored in
the provided key files and determines the handling of the content
data stored in the distributed content files based on the related
decrypted usage control policy data.

[0135] Also, a data providing method of a 31st aspect of the
present invention is a data providing method using a plurality of
data providing apparatuses, a data distribution apparatus, a
plurality of management apparatuses, a database device, and a
data processing apparatus, wherein the data providing apparatuses
provide master sources of content data to corresponding
management apparatuses and store content files and key files
received from the related management apparatuses in the database,
the management apparatuses encrypt the master sources received
from corresponding data providing apparatuses by using content
key data, produce content files storing the related encrypted
content data, produce key files storing the encrypted content key
data and encrypted usage control policy data indicating the
handling of the content data for the content data provided by
corresponding data providing apparatuses, and send the produced
content files and the produced key files to corresponding data
providing apparatuses, the data distribution apparatus
distributes the content files and key files obtained from the
database device to the data processing apparatus, and the data
processing apparatus decrypts the content key data and the usage
control policy data stored in the distributed key files and
determines the handling of the content data stored in the
distributed content files based on the related decrypted usage
control policy data.

[0136] Also, a data providing method of a 32nd aspect of the
present invention is a data providing method using a plurality of
data providing apparatuses, a data distribution apparatus, a
plurality of management apparatuses, a database device, and a
data processing apparatus, wherein the data providing apparatuses
provide master sources of content data to corresponding
management apparatuses and store content files received from the
related management apparatuses in the database, the management
apparatuses encrypt the master sources received from
corresponding data providing apparatuses by using content key
data, produce content files storing the related encrypted content
data, send the related produced content files to the data
providing apparatuses, produce key files storing the encrypted
content key data and encrypted usage control policy data
indicating the handling of the content data for the content data
provided by corresponding data providing apparatuses, and send
the related produced key files to corresponding data distribution
apparatus, the data distribution apparatus distributes the
content files obtained from the database device and key files
provided from the management apparatuses to the data processing
apparatus, and the data processing apparatus decrypts the content
key data and the usage control policy data stored in the
distributed key files and determines the handling of the content
data stored in the distributed content files based on the related
decrypted usage control policy data.

[0137] Also, a data providing method of a 33rd aspect of the present
invention is a data providing method using a plurality of data
providing apparatuses, a data distribution apparatus, a plurality of
management apparatuses, a database device, and a data processing
apparatus, wherein the data providing apparatuses provide master
sources of content data to corresponding management apparatuses and
store content files received from the related management apparatuses
in the database, the management apparatuses encrypt the master sources
received from corresponding data providing apparatuses by using
content key data, produce content files storing the related encrypted
content data, send the related produced content files to the data
providing apparatuses, produce key files storing the encrypted content
key data and encrypted usage control policy data indicating the
handling of the content data for the content data provided by
corresponding data providing apparatuses, and provide the related
produced key files to the data processing apparatus, the data
distribution apparatus distributes the content files obtained from the
database device to the data processing apparatus, and the data
processing apparatus decrypts the content key data and the usage
control policy data stored in the provided key files and determines
the handling of the content data stored in the distributed content
files based on the related decrypted usage control policy data.
[0138] Also, a data providing system of a 34th aspect of the present
invention is a data providing system for distributing content data
from a data providing apparatus to a data processing apparatus,
wherein the data providing apparatus distributes a module storing the
content data encrypted by using content key data, the encrypted
content key data, and encrypted usage control policy data indicating
the handling of the content data to the data processing apparatus by
using a predetermined communication protocol in a format not depending
upon the related communication protocol or by recording the same on a
storage medium, and the data processing apparatus decrypts the content
key data and the usage control policy data stored in the distributed
module and determines the handling of the content data based on the
related decrypted usage control policy data.

[0139] The mode of operation of the data providing 
system of the 34th aspect of the present invention be- 
comes as follows. 

[0140] The module storing the content data encrypted
by using the content key data, the encrypted content key 
data, and the encrypted usage control policy data indi- 
cating the handling of the content data is distributed from 
the data providing apparatus to the data processing ap- 
paratus. 

[0141] At this time, the related module is distributed 
from the data providing apparatus to the data process- 
ing apparatus by using a predetermined communication 
protocol in a format not depending upon the related 
communication protocol or while being recorded on a 
storage medium. 

[0142] Then, in the data processing apparatus, the 
content key data and the usage control policy data 
stored in the distributed module are decrypted, and the 
handling of the content data is determined based on the 
related decrypted usage control policy data. 
[0143] In this way, by storing the usage control policy
data indicating the handling of the related content data 
in the module storing the content data, in the data 
processing apparatus, it becomes possible to handle 
(use) the content data based on the usage control policy 
data produced by the interested parties of the data pro- 
viding apparatus. 

[0144] Also, the module is distributed from the data 
providing apparatus to the data processing apparatus 
in the format not depending upon a predetermined com- 
munication protocol, so a compression method, encryp- 
tion method, etc. of the content data stored in the mod- 
ule can be freely determined by the data providing ap- 
paratus. 

[0145] Also, in the data providing system of the 34th 
aspect of the present invention, preferably the module 
further storing signature data for verifying a legitimacy 
of a producer and a transmitter of at least one data 
among the content data, the content key data, and the 
usage control policy data is distributed to the data 
processing apparatus. 

[0146] Also, in the data providing system of the 34th 
aspect of the present invention, preferably the data pro- 
viding apparatus distributes the module further storing 
at least one data between data for verifying if the related 
data is not tampered with and signature data for verify- 
ing if the related data was normally certified by a prede- 
termined manager for at least one data among the con- 
tent data, the content key data, and the usage control 
policy data to the data processing apparatus.
[0147] Also, in the data providing system of the 34th
aspect of the present invention, preferably the data 
processing apparatus determines a purchase form of 
the content data based on the usage control policy data, 
and where the content data is transferred to another da- 
ta processing apparatus, the signature data indicating 
the legitimacy of the purchaser of the related content 
data and the signature data indicating the legitimacy of 
the transmitter of the related content data are made dif- 
ferent. 
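The module of the 34th aspect, sketched as an added example that is not part of the patent text: three encrypted fields plus signature data packed into one byte string that can be written to a file or sent over any transport unchanged. The field layout, the MAGIC tag, the policy keys, and the use of HMAC-SHA256 (as a keystream cipher and in place of the signature scheme, which these paragraphs do not specify) are assumptions made so the example runs on the standard library alone.

```python
import hashlib
import hmac
import json
import os
import struct

MAGIC = b"SCM1"  # constructed tag for this example's layout (assumption)


def _subkey(key: bytes, purpose: bytes) -> bytes:
    """Derive separate encryption and MAC keys from one key."""
    return hmac.new(key, purpose, hashlib.sha256).digest()


def _xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # HMAC-SHA256 in counter mode as a keystream: a stdlib stand-in for a real cipher.
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hmac.new(key, nonce + struct.pack(">Q", off // 32), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[off:off + 32], pad))
    return bytes(out)


def seal(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC one field: nonce || ciphertext || tag."""
    nonce = os.urandom(16)
    body = nonce + _xor_stream(_subkey(key, b"enc"), nonce, plaintext)
    return body + hmac.new(_subkey(key, b"mac"), body, hashlib.sha256).digest()


def unseal(key: bytes, blob: bytes) -> bytes:
    """Check the field tag before decrypting; reject wrong keys and tampering."""
    if len(blob) < 48:
        raise ValueError("sealed field too short")
    body, tag = blob[:-32], blob[-32:]
    expected = hmac.new(_subkey(key, b"mac"), body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("field failed integrity check (wrong key or tampered)")
    return _xor_stream(_subkey(key, b"enc"), body[:16], body[16:])


def build_module(content, policy, content_key, distribution_key, producer_key):
    """Data providing apparatus: pack encrypted content, key and policy, then sign."""
    fields = [
        seal(content_key, content),            # content under the content key
        seal(distribution_key, content_key),   # content key under the distribution key
        seal(distribution_key, json.dumps(policy, sort_keys=True).encode()),
    ]
    body = MAGIC + b"".join(struct.pack(">I", len(f)) + f for f in fields)
    # HMAC stands in for the producer's signature data (assumption).
    return body + hmac.new(producer_key, body, hashlib.sha256).digest()


def parse_module(module: bytes, producer_key: bytes):
    """Verify the signature data first, then split the length-prefixed fields."""
    body, sig = module[:-32], module[-32:]
    expected = hmac.new(producer_key, body, hashlib.sha256).digest()
    if not hmac.compare_digest(sig, expected):
        raise ValueError("module signature invalid")
    if body[:4] != MAGIC:
        raise ValueError("unknown module format")
    fields, pos = [], 4
    for _ in range(3):
        if pos + 4 > len(body):
            raise ValueError("truncated length prefix")
        (size,) = struct.unpack_from(">I", body, pos)
        pos += 4
        if pos + size > len(body):
            raise ValueError("truncated field")
        fields.append(body[pos:pos + size])
        pos += size
    if pos != len(body):
        raise ValueError("trailing data after last field")
    return fields


def process_module(module, distribution_key, producer_key, purchase_form):
    """Data processing apparatus: decrypt the policy, decide handling, then decrypt."""
    enc_content, enc_key, enc_policy = parse_module(module, producer_key)
    policy = json.loads(unseal(distribution_key, enc_policy))
    forms = policy.get("purchase_forms", {})
    if purchase_form not in forms:
        raise PermissionError(f"purchase form {purchase_form!r} not permitted by policy")
    content_key = unseal(distribution_key, enc_key)
    return unseal(content_key, enc_content), forms[purchase_form]


if __name__ == "__main__":
    # Constructed sample keys and policy, for illustration only.
    dk, ck, pk = os.urandom(32), os.urandom(32), os.urandom(32)
    sample_policy = {"content_id": "sample-track-001",
                     "purchase_forms": {"sell_through": 300, "pay_per_play": 10}}
    mod = build_module(b"constructed audio payload", sample_policy, ck, dk, pk)
    print(process_module(mod, dk, pk, "pay_per_play"))
```

The content key is released only after the decrypted policy permits the requested purchase form, so a module whose signature or policy field fails its check never yields plaintext content.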

[0148] A data providing system of a 35th aspect of the
present invention is a data providing system for distrib- 
uting content data from a data providing apparatus to a 
data processing apparatus and managing the data pro- 
viding apparatus and the data processing apparatus by 
a management apparatus, wherein the management 
apparatus produces a key file storing encrypted content 
key data and encrypted usage control policy data indi- 
cating the handling of the content data, the data provid- 
ing apparatus distributes a module storing a content file 
storing the content data encrypted by using the content 
key data and the key file received from the management 
apparatus to the data processing apparatus by using a 
predetermined communication protocol in a format not 
depending upon the related communication protocol or 
by recording the same on a storage medium, and the 
data processing apparatus decrypts the content key da- 
ta and the usage control policy data stored in the dis- 
tributed module and determines the handling of the con- 
tent data based on the related decrypted usage control 
policy data. 

[0149] The mode of operation of the data providing 
system of the 35th aspect of the present invention be- 
comes as follows. 

[0150] In the management apparatus, the key file 
storing the encrypted content key data and the encrypt- 
ed usage control policy data indicating the handling of 
the content data is produced. 

[0151] Then, the related produced key file is distributed
from the management apparatus to the data providing apparatus.

[0152] Then, the module storing the content file stor- 
ing the content data encrypted by using the content key 
data and the key file received from the management ap- 
paratus is distributed from the data providing apparatus 
to the data processing apparatus by using a predeter- 
mined communication protocol but in a format not de- 
pending upon the related communication protocol or 
while being recorded on a storage medium. 
[0153] Then, in the data processing apparatus, the 
content key data and the usage control policy data 
stored in the distributed module are decrypted, and the 
handling of the content data is determined based on the 
related decrypted usage control policy data. 
[0154] Also, in the data providing system of the 35th aspect of the
present invention, preferably the management apparatus produces
signature data for verifying the legitimacy of the producer of the key
file and produces the key file further storing the related signature
data.
[0155] Also, in the data providing system of the 35th aspect of the
present invention, preferably the data providing apparatus produces
the content key data and the usage control policy data and transmits
the same to the management apparatus, and the management apparatus
produces the key file based on the received content key data and usage
control policy data and registers the related produced key file.

[0156] Also, a data providing apparatus of the present invention is a
data providing apparatus which is managed by a management apparatus
and distributes content data to a data processing apparatus, receiving
a key file storing encrypted content key data and encrypted usage
control policy data indicating the handling of the content data from
the management apparatus and distributing a module storing a content
file storing the content data encrypted by using the content key data
and the key file received from the management apparatus to the data
processing apparatus.

[0157] Also, a data processing apparatus of the present invention is a
data processing apparatus managed by a management apparatus and
utilizing content data, receiving a module containing a key file
storing encrypted content key data and encrypted usage control policy
data indicating the handling of the content data and a content file
storing the content data encrypted by using the content key data,
determining at least one of a purchase form and a usage form of the
content data based on the usage control policy data, and transmitting
log data indicating the log of the determined at least one of the
related purchase form and usage form to the management apparatus.

[0158] Also, a data providing system of a 36th aspect of the present
invention is a data providing system for distributing content data
from a data providing apparatus to a data processing apparatus and
managing the data providing apparatus and the data processing
apparatus by a management apparatus, wherein the management apparatus
produces a key file storing encrypted content key data and encrypted
usage control policy data indicating the handling of the content data,
the data providing apparatus distributes a module storing a content
file containing the content data encrypted by using the content key
data and the key file received from the management apparatus to the
data processing apparatus by using a predetermined communication
protocol in a format not depending upon the related communication
protocol or recording the same on a storage medium, and the data
processing apparatus decrypts the content key data and the usage
control policy data stored in the distributed module and determines
the handling of the content data based on the related decrypted usage
control policy data.

[0159] The mode of operation of the data providing
system of the 36th aspect of the present invention be- 
comes as follows. 

[0160] In the management apparatus, the key file storing the encrypted
content key data and the encrypted usage control policy data
indicating the handling of the content data is produced, and the
related key file is sent to the data providing apparatus.
[0161] Then, the module storing the content file con- 
taining the content data encrypted by using the content 
key data and the key file received from the management 
apparatus is distributed from the data providing appara- 
tus to the data processing apparatus by using a prede- 
termined communication protocol in a format not de- 
pending upon the related communication protocol or 
while being recorded on a storage medium. 
[0162] Then, in the data processing apparatus, the 
content key data and the usage control policy data 
stored in the distributed module are decrypted, and the 
handling of the content data is determined based on the 
related decrypted usage control policy data. 
[0163] Also, a data providing system of a 37th aspect 
of the present invention is a data providing system for 
distributing content data from a data providing appara- 
tus to a data processing apparatus and managing the 
data providing apparatus and the data processing ap- 
paratus by a management apparatus, wherein the man- 
agement apparatus produces a key file storing encrypt- 
ed content key data and encrypted usage control policy 
data indicating the handling of the content data, the data 
providing apparatus individually distributes a content file 
storing the content data encrypted by using the content 
key data and the key file received from the management 
apparatus to the data processing apparatus by using a 
predetermined communication protocol but in a format 
not depending upon the related communication protocol 
or by recording the same on a storage medium, and the 
data processing apparatus decrypts the content key da- 
ta and the usage control policy data stored in the dis- 
tributed key file and determines the handling of the con- 
tent data stored in the distributed content file based on 
the related decrypted usage control policy data. 
[0164] The mode of operation of the data providing 
system of the 37th aspect of the present invention be- 
comes as follows. In the management apparatus, the 
key file storing the encrypted content key data and the 
encrypted usage control policy data indicating the han- 
dling of the content data is produced, and the related 
key file is sent to the data providing apparatus. 
[0165] Then, in the data processing apparatus, the 
content file storing the content data encrypted by using 
the content key data and the key file received from the 
management apparatus are individually distributed to 
the data processing apparatus by using a predeter- 
mined communication protocol but in a format not de- 
pending upon the related communication protocol or 
while being recorded on a storage medium. 
[0166] Then, in the data processing apparatus, the content key data
and the usage control policy data stored in the distributed key file
are decrypted, and the handling of the content data stored in the
distributed content file is determined based on the related decrypted
usage control policy data.

[0167] Also, a data providing system of a 38th aspect of the present
invention is a data providing system for distributing content data
from a data providing apparatus to a data processing apparatus and
managing the data providing apparatus and the data processing
apparatus by a management apparatus, wherein the management apparatus
produces a key file storing encrypted content key data and encrypted
usage control policy data indicating the handling of the content data
and distributes the related produced key file to the data processing
apparatus, the data providing apparatus distributes a content file
storing the content data encrypted by using the content key data to
the data processing apparatus by using a predetermined communication
protocol but in a format not depending upon the related communication
protocol or recording the same on a storage medium, and the data
processing apparatus decrypts the content key data and the usage
control policy data stored in the distributed key file and determines
the handling of the content data stored in the distributed content
file based on the related decrypted usage control policy data.

[0168] Below, an explanation will be made of the mode of operation of
the data providing system of the 38th aspect of the present invention.
[0169] In the management apparatus, the key file storing the encrypted
content key data and the encrypted usage control policy data
indicating the handling of the content data is produced.

[0170] The related produced key file is distributed 
from the management apparatus to the data processing 
apparatus. 

[0171] Also, the content file storing the content data encrypted by
using the content key data is distributed from the data providing
apparatus to the data processing apparatus by using a predetermined
communication protocol but in a format not depending upon the related
communication protocol or while being recorded on a storage medium.

[0172] Then, in the data processing apparatus, the content key data
and the usage control policy data stored in the distributed key file
are decrypted, and the handling of the content data stored in the
distributed content file is determined based on the related decrypted
usage control policy data.

[0173] Also, a data providing system of a 39th aspect of the present
invention is a data providing system for distributing content data
from a data providing apparatus to a data processing apparatus and
managing the data providing apparatus and the data processing
apparatus by a management apparatus, wherein the management apparatus
produces a key file storing encrypted content key data and encrypted
usage control policy data indicating the handling of the content data,
the data providing apparatus distributes a module storing the content
data encrypted by using the content key data and the key file received
from the management apparatus to the data processing apparatus by
using a predetermined communication protocol but in a format not
depending upon the related communication protocol or recording the
same on a storage medium, and the data processing apparatus decrypts
the content key data and the usage control policy data stored in the
distributed module and determines the handling of the content data
based on the related decrypted usage control policy data.

[0174] Below, an explanation will be made of the mode of operation of
the data providing system of the 39th aspect of the present invention.
[0175] In the management apparatus, the key file storing the encrypted
content key data and the encrypted usage control policy data
indicating the handling of the content data is produced, and the
related key file is sent to the data providing apparatus.
[0176] Then, the module storing the content data encrypted by using
the content key data and the key file received from the management
apparatus is distributed from the data providing apparatus to the data
processing apparatus by using a predetermined communication protocol
but in a format not depending upon the related communication protocol
or while being recorded on a storage medium.
[0177] Then, in the data processing apparatus, the 
content key data and the usage control policy data 
stored in the distributed module are decrypted, and the 
handling of the content data is determined based on the 
related decrypted usage control policy data.
[0178] Also, a data providing system of a 40th aspect of the present
invention is a data providing system for distributing content data
from a data providing apparatus to a data processing apparatus and
managing the data providing apparatus and the data processing
apparatus by a management apparatus, wherein the management apparatus
produces a key file storing encrypted content key data and encrypted
usage control policy data indicating the handling of the content data,
the data providing apparatus individually distributes the content data
encrypted by using the content key data and the key file received from
the management apparatus to the data processing apparatus by using a
predetermined communication protocol but in a format not depending
upon the related communication protocol or recording the same on a
storage medium, and the data processing apparatus decrypts the content
key data and the usage control policy data stored in the distributed
key file and determines the handling of the distributed content data
based on the related decrypted usage control policy data.

[0179] Below, an explanation will be made of the 
mode of operation of the data providing system of the 
40th aspect of the present invention. 

[0180] In the management apparatus, the key file storing the encrypted
content key data and the encrypted usage control policy data
indicating the handling of the content data is produced, and the
related key file is sent to the data providing apparatus.
[0181] Then, the content data encrypted by using the
content key data and the key file received from the man- 
agement apparatus are individually distributed from the 
data providing apparatus to the data processing appa- 
ratus by using a predetermined communication protocol 
but in a format not depending upon the related commu- 
nication protocol or while being recorded on a storage 
medium. 

[0182] Then, in the data processing apparatus, the 
content key data and the usage control policy data 
stored in the distributed key file are decrypted, and the 
handling of the distributed content data is determined 
based on the related decrypted usage control policy da- 
ta. 

[0183] Also, a data providing system of a 41st aspect 
of the present invention is a data providing system for 
distributing content data from a data providing appara- 
tus to a data processing apparatus and managing the 
data providing apparatus and the data processing ap- 
paratus by a management apparatus, wherein the man- 
agement apparatus produces a key file storing encrypt- 
ed content key data and encrypted usage control policy 
data indicating the handling of the content data and dis- 
tributes the related produced key file to the data 
processing apparatus, the data providing apparatus dis- 
tributes the content data encrypted by using the content 
key data to the data processing apparatus by using a 
predetermined communication protocol but in a format 
not depending upon the related communication protocol 
or recording the same on a storage medium, and the 
data processing apparatus decrypts the content key da- 
ta and the usage control policy data stored in the dis- 
tributed key file and determines the handling of the dis- 
tributed content data based on the related decrypted us- 
age control policy data. 

[0184] Below, an explanation will be made of the 
mode of operation of the data providing system of the 
41st aspect of the present invention. 
[0185] In the management apparatus, the key file 
storing the encrypted content key data and the encrypt- 
ed usage control policy data indicating the handling of 
the content data is produced, and the related produced 
key file is distributed to the data processing apparatus. 
[0186] Also, the content data encrypted by using the 
content key data is distributed from the data providing 
apparatus to the data processing apparatus by using a 
predetermined communication protocol but in a format 
not depending upon the related communication protocol 
or while being recorded on a storage medium. 
[0187] Then, in the data processing apparatus, the 
content key data and the usage control policy data 
stored in the distributed key file are decrypted, and the 
handling of the distributed content data is determined 
based on the related decrypted usage control policy da- 
ta. 

[0188] Also, a data providing system of a 42nd aspect of the present
invention is a data providing system for distributing content data
from a data providing apparatus to a data processing apparatus and
managing the data providing apparatus and the data processing
apparatus by a management apparatus, wherein the management apparatus
produces encrypted content key data and encrypted usage control policy
data indicating the handling of the content data, the data providing
apparatus individually distributes the content data encrypted by using
the content key data and the encrypted content key data and the
encrypted usage control policy data received from the management
apparatus to the data processing apparatus by using a predetermined
communication protocol but in a format not depending upon the related
communication protocol or recording the same on a storage medium, and
the data processing apparatus decrypts the distributed content key
data and the usage control policy data and determines the handling of
the content data stored in the distributed content file based on the
related decrypted usage control policy data.
[0189] Below, an explanation will be made of the 
mode of operation of the data providing system of the 
42nd aspect of the present invention. 
[0190] In the management apparatus, the encrypted 
content key data and the encrypted usage control policy
data indicating the handling of the content data are pro- 
duced and are sent to the data providing apparatus. 
[0191] Then, the content data encrypted by using the content key data
and the encrypted content key data and the encrypted usage control
policy data received from the management apparatus are individually
distributed from the data providing apparatus to the data processing
apparatus by using a predetermined communication protocol but in a
format not depending upon the related communication protocol or while
being recorded on a storage medium.

[0192] Then, in the data processing apparatus, the 
distributed content key data and the usage control policy 
data are decrypted, and the handling of the content data 
stored in the distributed content file is determined based
on the related decrypted usage control policy data. 
[0193] Also, a data providing system of a 43rd aspect of the present
invention is a data providing system for distributing content data
from a data providing apparatus to a data processing apparatus and
managing the data providing apparatus and the data processing
apparatus by a management apparatus, wherein the management apparatus
produces encrypted content key data and encrypted usage control policy
data indicating the handling of the content data and distributes the
same to the data processing apparatus, the data providing apparatus
distributes the content data encrypted by using the content key data
to the data processing apparatus by using a predetermined
communication protocol but in a format not depending upon the related
communication protocol or recording the same on a storage medium, and
the data processing apparatus decrypts the distributed content key
data and the usage control policy data and determines the handling of
the distributed content data based on the related decrypted usage
control policy data.

[0194] Below, an explanation will be made of the 
mode of operation of the data providing system of the 
43rd aspect of the present invention. 
[0195] In the management apparatus, the encrypted 
content key data and the encrypted usage control policy 
data indicating the handling of the content data are pro- 
duced and are distributed to the data processing appa- 
ratus. 

[0196] Then, the content data encrypted by using the 
content key data is distributed from the data providing 
apparatus to the data processing apparatus by using a 
predetermined communication protocol but in a format 
not depending upon the related communication protocol 
or while being recorded on a storage medium. 
[0197] Then, in the data processing apparatus, the 
distributed content key data and the usage control policy 
data are decrypted, and the handling of the distributed
content data is determined based on the related decrypted
usage control policy data.
[0198] Also, a data providing system of a 44th aspect 
of the present invention is a data providing system hav- 
ing a data providing apparatus, a data distribution ap- 
paratus, and a data processing apparatus, wherein the 
data providing apparatus provides a first module storing 
content data encrypted by using content key data, the 
encrypted content key data, and encrypted usage con- 
trol policy data indicating the handling of the content da- 
ta to the data distribution apparatus, the data distribution 
apparatus distributes a second module storing the en- 
crypted content data, content key data, and the usage 
control policy data stored in the provided first module to 
the data processing apparatus by using a predeter- 
mined communication protocol but in a format not de- 
pending upon the related communication protocol or by 
recording the same on a storage medium, and the data 
processing apparatus decrypts the content key data and 
the usage control policy data stored in the distributed 
second module and determines the handling of the con- 
tent data based on the related decrypted usage control 
policy data. 

[0199] Below, an explanation will be made of the 
mode of operation of the data providing system of the 
44th aspect of the present invention. 
[0200] The first module storing the content data en- 
crypted by using the content key data, the encrypted 
content key data, and the encrypted usage control policy 
data indicating the handling of the content data is pro- 
vided from the data providing apparatus to the data dis- 
tribution apparatus by for example using a predeter- 
mined communication protocol but in a format not de- 
pending upon the related communication protocol or 
while being recorded on a storage medium. 
[0201] Next, the second module storing the encrypted 
content data, content key data, and the usage control 
policy data stored in the provided first module is distributed
from the data distribution apparatus to the data
processing apparatus by using a predetermined com- 
munication protocol but in a format not depending upon 
the related communication protocol or while being re- 
corded on a storage medium. 

[0202] Then, in the data processing apparatus, the 
content key data and the usage control policy data 
stored in the distributed second module are decrypted, 
and the handling of the content data is determined 
based on the related decrypted usage control policy da- 
ta. 

[0203] In this way, by storing the usage control policy 
data indicating the handling of the related content data 
in the first module and second module storing the con- 
tent data, in the data processing apparatus, it becomes 
possible to have the data processing apparatus perform 
the handling (usage) of the content data based on the 
usage control policy data produced by the interested 
parties of the data providing apparatus. 
[0204] Also, the second module is distributed from the 
data distribution apparatus to the data processing apparatus
in a format not depending upon a predetermined
communication protocol, so the compression
method and encryption method etc. of the content data 
stored in the second module can be freely determined 
by the data providing apparatus. 
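
The flow of paragraphs [0200] to [0204], as an added Python example that is not code from the patent: a provider builds the first module, a distributor repackages it into the second module without holding any key, and the data processing apparatus decrypts the content key and usage control policy and decides handling before it touches the content. Assumptions: the JSON module layout, all function and field names, the `permitted_uses` policy key, a distribution key that protects both the content key and the policy, and a SHA-256 keystream with HMAC standing in for the system's real cipher so the example runs with the standard library only.

```python
import hashlib
import hmac
import json
import os

# Stand-in cipher (assumption, not the patent's algorithm): a SHA-256
# counter keystream with an HMAC-SHA-256 tag, chosen to stay stdlib-only.
def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:length])


def _subkeys(key: bytes):
    # Separate encryption and authentication keys derived from one key.
    return (hashlib.sha256(b"enc|" + key).digest(),
            hashlib.sha256(b"mac|" + key).digest())


def seal(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt, then authenticate. Layout: nonce || ciphertext || tag."""
    enc_key, mac_key = _subkeys(key)
    nonce = os.urandom(16)
    stream = _keystream(enc_key, nonce, len(plaintext))
    ct = bytes(p ^ k for p, k in zip(plaintext, stream))
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def unseal(key: bytes, blob: bytes) -> bytes:
    """Check the tag first; ValueError on a wrong key or altered bytes."""
    if len(blob) < 48:
        raise ValueError("blob too short")
    enc_key, mac_key = _subkeys(key)
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed")
    stream = _keystream(enc_key, nonce, len(ct))
    return bytes(c ^ k for c, k in zip(ct, stream))


FIELDS = ("content", "content_key", "usage_control_policy")


def make_first_module(content: bytes, policy: dict,
                      distribution_key: bytes) -> bytes:
    """Data providing apparatus: encrypt content, content key and policy."""
    content_key = os.urandom(32)
    policy_bytes = json.dumps(policy).encode()
    module = {
        "content": seal(content_key, content).hex(),
        "content_key": seal(distribution_key, content_key).hex(),
        "usage_control_policy": seal(distribution_key, policy_bytes).hex(),
    }
    # Plain bytes: the same module can travel over any protocol or be
    # written to a storage medium without being re-encoded.
    return json.dumps(module).encode()


def make_second_module(first_module: bytes) -> bytes:
    """Data distribution apparatus: repackage; it holds no key at all."""
    first = json.loads(first_module)
    return json.dumps({name: first[name] for name in FIELDS}).encode()


def process_module(second_module: bytes, distribution_key: bytes,
                   requested_use: str) -> bytes:
    """Data processing apparatus: decrypt key and policy, then decide."""
    module = json.loads(second_module)
    content_key = unseal(distribution_key,
                         bytes.fromhex(module["content_key"]))
    policy = json.loads(unseal(distribution_key,
                               bytes.fromhex(module["usage_control_policy"])))
    # The handling decision comes before any content is decrypted.
    if requested_use not in policy.get("permitted_uses", []):
        raise PermissionError(f"policy does not permit {requested_use!r}")
    return unseal(content_key, bytes.fromhex(module["content"]))


if __name__ == "__main__":
    key = os.urandom(32)                       # constructed sample key
    first = make_first_module(b"constructed sample content",
                              {"permitted_uses": ["play"]}, key)
    second = make_second_module(first)
    print(process_module(second, key, "play"))
```

The integrity check that rejects an altered policy is a property of the stand-in cipher used here; the paragraphs above only state that the policy is encrypted.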

[0205] A data providing system of a 45th aspect of the 
present invention is a data providing system for provid- 
ing content data from a data providing apparatus to a 
data distribution apparatus, distributing the content data 
from the data distribution apparatus to a data processing 
apparatus, and managing the data providing apparatus, 
the data distribution apparatus, and the data processing 
apparatus by a management apparatus, wherein the 
management apparatus produces a key file storing en- 
crypted content key data and encrypted usage control 
policy data indicating the handling of the content data, 
the data providing apparatus provides a first module 
storing a content file storing the content data encrypted 
by using the content key data and the key file received 
from the management apparatus to the data distribution 
apparatus, the data distribution apparatus distributes a 
second module storing the provided content file and the 
key file to the data processing apparatus by using a pre- 
determined communication protocol but in a format not 
depending upon the related communication protocol or 
recording the same on a storage medium, and the data 
processing apparatus decrypts the content key data and 
the usage control policy data stored in the distributed 
second module and determines the handling of the con- 
tent data stored in the distributed second module based 
on the related decrypted usage control policy data. 
[0206] Below, an explanation will be made of the 
mode of operation of the data providing system of the 
45th aspect of the present invention. 
[0207] In the management apparatus, the key file 
storing the encrypted content key data and the encrypted
usage control policy data indicating the handling of
the content data is produced, and the related key file is
sent to the data providing apparatus. 
[0208] Then, the first module storing the content file 
storing the content data encrypted by using the content
key data and the key file received from the management
apparatus is provided from the data providing apparatus 
to the data distribution apparatus. 
[0209] Then, the second module storing the provided 
content file and the key file is distributed from the data
distribution apparatus to the data processing apparatus
by using a predetermined communication protocol but 
in a format not depending upon the related communica- 
tion protocol or while being recorded on a storage me- 
dium. 

[0210] Then, in the data processing apparatus, the
content key data and the usage control policy data 
stored in the distributed second module are decrypted, 
and the handling of the content data stored in the distributed
second module is determined based on the related
decrypted usage control policy data.

[0211] A data providing system of a 46th aspect of the
present invention is a data providing system for provid- 
ing content data from a data providing apparatus to a 
data distribution apparatus, distributing the content data
from the data distribution apparatus to a data processing
apparatus, and managing the data providing apparatus, 
the data distribution apparatus, and the data processing 
apparatus by a management apparatus, wherein the 
management apparatus produces a key file storing encrypted
content key data and encrypted usage control
policy data indicating the handling of the content data, 
the data providing apparatus provides a first module 
storing a content file containing the content data encrypted
by using the content key data and a key file received
from the management apparatus to the data distribution
apparatus, the data distribution apparatus distributes
a second module storing the provided content
file to the data processing apparatus by using a prede- 
termined communication protocol but in a format not de- 
pending upon the related communication protocol or re- 
cording the same on a storage medium, and the data 
processing apparatus decrypts the content key data and 
the usage control policy data stored in the distributed 
second module and determines the handling of the content
data stored in the distributed second module based
on the related decrypted usage control policy data. 
[0212] Also, a data providing system of a 47th aspect 
of the present invention is a data providing system for 
providing content data from a data providing apparatus
to a first data distribution apparatus and a second data
distribution apparatus, distributing the content data from 
the first data distribution apparatus and the second data 
distribution apparatus to a data processing apparatus, 
and managing the data providing apparatus, the first data
distribution apparatus, the second data distribution
apparatus, and the data processing apparatus by a 
management apparatus, wherein the management apparatus
produces a key file storing encrypted content
key data and encrypted usage control policy data indicating
the handling of the content data, the data providing
apparatus provides a first module storing a content
file storing the content data encrypted by using the content
key data and the key file received from the management
apparatus to the first data distribution apparatus
and the second data distribution apparatus, the first data 
distribution apparatus distributes a second module stor- 
ing the provided content file and the key file to the data 
processing apparatus, the second data distribution apparatus
distributes a third module storing the provided
content file and the key file to the data processing apparatus,
and the data processing apparatus decrypts
the content key data and the usage control policy data
stored in the distributed second module and the third
module and determines the handling of the content data 
based on the related decrypted usage control policy da- 
ta. 

[0213] Also, a data providing system of a 48th aspect
of the present invention is a data providing system for
providing first content data from a first data providing 
apparatus to a data distribution apparatus, providing 
second content data from a second data providing ap- 
paratus to the data distribution apparatus, distributing 
the content data from the data distribution apparatus to
a data processing apparatus, and managing the first da- 
ta providing apparatus, the second data providing ap- 
paratus, the data distribution apparatus, and the data 
processing apparatus by a management apparatus, 
wherein the management apparatus produces a first
key file storing an encrypted first content key data and 
an encrypted first usage control policy data indicating 
the handling of the first content data and a second key 
file storing an encrypted second content key data and 
an encrypted second usage control policy data indicating
the handling of the second content data, the first data
providing apparatus provides a first module storing a 
first content file storing the first content data encrypted 
by using the first content key data and the first key file 
received from the management apparatus to the data
distribution apparatus, the second data providing appa- 
ratus provides a second module storing a second con- 
tent file storing the second content data encrypted by 
using the second content key data and the second key 
file received from the management apparatus to the da- 
ta distribution apparatus, the data distribution apparatus 
distributes a third module storing the provided first con- 
tent file, the first key file, the second content file, and the 
second key file to the data processing apparatus, and 
the data processing apparatus decrypts the first content
key data, the second content key data, the first usage 
control policy data, and the second usage control policy 
data stored in the distributed third module, determines 
the handling of the first content data based on the related
decrypted first usage control policy data, and determines
the handling of the second content data based
on the related decrypted second usage control policy 
data. 



[0214] Also, a data providing system of a 49th aspect
of the present invention is a data providing system for 
providing content data from a data providing apparatus 
to a data distribution apparatus, distributing the content 
data from the data distribution apparatus to a data 
processing apparatus, and managing the data providing 
apparatus, the data distribution apparatus, and the data 
processing apparatus by a management apparatus, 
wherein the management apparatus produces a key file 
storing encrypted content key data and encrypted usage 
control policy data indicating the handling of the content 
data, the data providing apparatus individually distrib- 
utes a content file storing the content data encrypted by 
using the content key data and the key file received from 
the management apparatus to the data distribution ap- 
paratus, the data distribution apparatus individually dis- 
tributes the distributed content file and the key file to the 
data processing apparatus by using a predetermined 
communication protocol but in a format not depending 
upon the related communication protocol or by record- 
ing the same on a storage medium, and the data 
processing apparatus decrypts the content key data and 
the usage control policy data stored in the distributed 
key file and determines the handling of the content data 
stored in the distributed content file based on the related 
decrypted usage control policy data. 
[0215] Also, a data providing system of a 50th aspect 
of the present invention is a data providing system for 
providing content data from a data providing apparatus 
to a data processing apparatus and managing the data 
providing apparatus and the data processing apparatus 
by a management apparatus, wherein the management 
apparatus produces a key file storing encrypted content 
key data and encrypted usage control policy data indi- 
cating the handling of the content data and distributes 
the related produced key file to the data processing ap- 
paratus, the data providing apparatus distributes a con- 
tent file storing the content data encrypted by using the 
content key data to the data distribution apparatus, the 
data distribution apparatus distributes the provided con- 
tent file to the data processing apparatus by using a pre- 
determined communication protocol but in a format not 
depending upon the related communication protocol or 
by recording the same on a storage medium, and the 
data processing apparatus decrypts the content key da- 
ta and the usage control policy data stored in the dis- 
tributed key file and determines the handling of the con- 
tent data stored in the distributed content file based on 
the related decrypted usage control policy data. 
[0216] Also, a data providing system of a 51st aspect
of the present invention is a data providing system for 
providing content data from a data providing apparatus 
to a data distribution apparatus, distributing the content 
data from the data distribution apparatus to a data 
processing apparatus, and managing the data providing 
apparatus, the data distribution apparatus, and the data 
processing apparatus by a management apparatus, 
wherein the management apparatus produces a key file
storing encrypted content key data and encrypted usage
control policy data indicating the handling of the content 
data, the data providing apparatus provides a first module
storing the content data encrypted by using the content
key data and the key file received from the management
apparatus to the data distribution apparatus, the
data distribution apparatus distributes a second module 
storing the provided content data and the key file to the 
data processing apparatus by using a predetermined 
communication protocol but in a format not depending
upon the related communication protocol or by record- 
ing the same on a storage medium, and the data 
processing apparatus decrypts the content key data and 
the usage control policy data stored in the distributed 
second module and determines the handling of the content
data stored in the distributed second module based
on the related decrypted usage control policy data. 
[0217] Also, a data providing system of a 52nd aspect 
of the present invention is a data providing system for 
providing content data from a data providing apparatus
to a data distribution apparatus, distributing the content 
data from the data distribution apparatus to a data 
processing apparatus, and managing the data providing 
apparatus, the data distribution apparatus, and the data 
processing apparatus by a management apparatus,
wherein the management apparatus produces a key file 
storing encrypted content key data and encrypted usage 
control policy data indicating the handling of the content 
data, the data providing apparatus individually distributes
the content data encrypted by using the content key
data and the key file received from the management apparatus
to the data distribution apparatus, the data distribution
apparatus individually distributes the distributed
content data and the key file to the data distribution
apparatus by using a predetermined communication
protocol but in a format not depending upon the related 
communication protocol or by recording the same on a 
storage medium, and the data processing apparatus de- 
crypts the content key data and the usage control policy 
data stored in the distributed key file and determines the
handling of the distributed content data based on the 
related decrypted usage control policy data. 
[0218] Also, a data providing system of a 53rd aspect 
of the present invention is a data providing system for 
providing content data from a data providing apparatus
to a data processing apparatus, and managing the data 
providing apparatus and the data processing apparatus 
by a management apparatus, wherein the management 
apparatus produces a key file storing encrypted content 
key data and encrypted usage control policy data indicating
the handling of the content data and distributes
the related produced key file to the data processing ap- 
paratus, the data providing apparatus distributes the 
content data encrypted by using the content key data to 
the data distribution apparatus, the data distribution apparatus
distributes the provided content data to the data
processing apparatus by using a predetermined communication
protocol but in a format not depending upon
the related communication protocol or by recording the
same on a storage medium, and the data processing
apparatus decrypts the content key data and the usage 
control policy data stored in the distributed key file and 
determines the handling of the distributed content data 
based on the related decrypted usage control policy da- 
ta. 

[0219] Also, a data providing system of a 54th aspect 
of the present invention is a data providing system for 
providing content data from a data providing apparatus 
to a data distribution apparatus, distributing the content 
data from the data distribution apparatus to a data 
processing apparatus, and managing the data providing 
apparatus, the data distribution apparatus, and the data 
processing apparatus by a management apparatus, 
wherein the management apparatus provides encrypt- 
ed content key data and encrypted usage control policy 
data indicating the handling of the content data to the 
data providing apparatus, the data providing apparatus 
individually distributes the content data encrypted by us- 
ing the content key data and the encrypted content key 
data and the encrypted usage control policy data re- 
ceived from the management apparatus to the data dis- 
tribution apparatus, the data distribution apparatus dis- 
tributes the distributed content data, the encrypted con- 
tent key data, and the encrypted usage control policy 
data to the data distribution apparatus by using a pre- 
determined communication protocol but in a format not 
depending upon the related communication protocol or 
recording the same on a storage medium, and the data 
processing apparatus decrypts the distributed content 
key data and the usage control policy data and deter- 
mines the handling of the distributed content data based 
on the related decrypted usage control policy data. 
[0220] Also, a data providing system of a 55th aspect 
of the present invention is a data providing system for 
providing content data from a data providing apparatus 
to a data distribution apparatus, distributing the content 
data from the data distribution apparatus to a data 
processing apparatus, and managing the data providing 
apparatus, the data distribution apparatus, and the data 
processing apparatus by a management apparatus, 
wherein the management apparatus provides encrypt- 
ed content key data and encrypted usage control policy 
data indicating the handling of the content data to the 
data processing apparatus, the data providing appara- 
tus provides the content data encrypted by using the 
content key data to the data distribution apparatus, the 
data distribution apparatus distributes the distributed 
provided content data to the data processing apparatus 
by using a predetermined communication protocol but 
in a format not depending upon the related communica- 
tion protocol or recording the same on a storage medi- 
um, and the data processing apparatus decrypts the dis- 
tributed content key data and the usage control policy 
data and determines the handling of the distributed con- 
tent data based on the related decrypted usage control 
policy data.
[0221] Also, a data providing system of a 56th aspect
of the present invention is a data providing system having
a data providing apparatus, a data distribution apparatus,
a management apparatus, and a data processing
apparatus, wherein the data providing apparatus
provides master source data of content to the manage- 
ment apparatus, the management apparatus manages 
the data providing apparatus, the data distribution ap- 
paratus, and the data processing apparatus, encrypts 
the provided master source data by using content key
data to produce content data, produces a content file
storing the related content data, produces a key file storing
the encrypted content key data and encrypted usage
control policy data indicating the handling of the content 
data, and provides the content file and the key file to the
data distribution apparatus, the data distribution apparatus
distributes the provided content file and the key
file to the data processing apparatus by using a predetermined
communication protocol but in a format not depending
upon the related communication protocol or recording
the same on a storage medium, and the data
processing apparatus decrypts the content key data and 
the usage control policy data stored in the distributed 
key file and determines the handling of the content data 
stored in the distributed content file based on the related
decrypted usage control policy data. 
[0222] Also, in the data providing system of the 56th 
aspect of the present invention, preferably the management
apparatus produces a first module storing the content
file and the key file and provides the related first
module to the data distribution apparatus, and the data 
distribution apparatus produces a second module storing
the content file and the key file stored in the first module
and distributes the related second module to the data
processing apparatus.
[0223] Also, in the data providing system of the 56th 
aspect of the present invention, preferably the management
apparatus has at least one database among a database
for storing and managing the content file, a database
for storing and managing the key file, and a database
for storing and managing the usage control policy
data and centrally manages at least one among the
content file, the key file, and the usage control policy 
data by using a content identifier uniquely allocated to 
the content data.
[0224] Also, a data providing system of a 57th aspect 
of the present invention is a data providing system having
a data providing apparatus, a data distribution apparatus,
a management apparatus, and a data processing
apparatus, wherein the data providing apparatus
provides master source data of content to the manage- 
ment apparatus, the management apparatus manages 
the data providing apparatus, the data distribution ap- 
paratus, and the data processing apparatus, encrypts 
the provided master source data by using content key
data to produce content data, produces a content file 
storing the related content data, produces a key file storing
the encrypted content key data and encrypted usage
control policy data indicating the handling of the content
data, and provides the content file to the data distribution 
apparatus and provides the key file to the data process- 
ing apparatus, the data distribution apparatus distrib- 
utes the provided content file to the data processing ap- 
paratus by using a predetermined communication pro- 
tocol but in a format not depending upon the related 
communication protocol or recording the same on a 
storage medium, and the data processing apparatus de- 
crypts the content key data and the usage control policy 
data stored in the provided key file and determines the 
handling of the content data stored in the distributed 
content file based on the related decrypted usage con- 
trol policy data. 

[0225] Also, a data providing system of a 58th aspect 
of the present invention is a data providing system hav- 
ing a data providing apparatus, a data distribution ap- 
paratus, a management apparatus, and a data process- 
ing apparatus, wherein the data providing apparatus 
provides a content file storing encrypted content data 
using content key data to the management apparatus, 
the management apparatus manages the data provid- 
ing apparatus, the data distribution apparatus, and the 
data processing apparatus, produces a key file storing 
the encrypted content key data and encrypted usage 
control policy data indicating the handling of the content 
data, and provides the content file provided from the da- 
ta providing apparatus and the produced key file to the 
data distribution apparatus, the data distribution appa- 
ratus distributes the provided content file and the key 
file to the data processing apparatus by using a prede- 
termined communication protocol but in a format not de- 
pending upon the related communication protocol or by 
recording the same on a storage medium, and the data 
processing apparatus decrypts the content key data and 
the usage control policy data stored in the distributed 
key file and determines the handling of the content data 
stored in the distributed content file based on the related 
decrypted usage control policy data. 
[0226] Also, a data providing system of a 59th aspect 
of the present invention is a data providing system hav- 
ing a data providing apparatus, a data distribution ap- 
paratus, a management apparatus, and a data process- 
ing apparatus, wherein the data providing apparatus 
provides a content file storing encrypted content data 
using content key data to the management apparatus, 
the management apparatus manages the data provid- 
ing apparatus, the data distribution apparatus, and the 
data processing apparatus, produces a key file storing 
the encrypted content key data and encrypted usage 
control policy data indicating the handling of the content 
data, provides the content file provided from the data 
providing apparatus to the data distribution apparatus, 
and provides the produced key file to the data processing
apparatus, the data distribution apparatus distributes
the provided content file to the data processing apparatus
by using a predetermined communication protocol
but in a format not depending upon the related
communication protocol or by recording the same on a
storage medium, and the data processing apparatus de- 
crypts the content key data and the usage control policy 
data stored in the provided key file and determines the 
handling of the content data stored in the distributed 
content file based on the related decrypted usage con- 
trol policy data. 

[0227] Also, a data providing system of a 60th aspect 
of the present invention is a data providing system hav- 
ing a data providing apparatus, a data distribution ap- 
paratus, a management apparatus, a database device, 
and a data processing apparatus, wherein the data pro- 
viding apparatus encrypts content data by using content 
key data, produces a content file storing the related en- 
crypted content data, and stores the related produced 
content file and a key file provided from the manage- 
ment apparatus in the database device, the manage- 
ment apparatus produces a key file storing the encrypt- 
ed content key data and encrypted usage control policy 
data indicating the handling of the content data and pro- 
vides the related produced key file to the data providing 
apparatus, the data distribution apparatus distributes 
the content file and key file obtained from the database 
device to the data processing apparatus by using a pre- 
determined communication protocol but in a format not 
depending upon the related communication protocol or 
recording the same on a storage medium, and the data 
processing apparatus decrypts the content key data and 
the usage control policy data stored in the distributed 
key file and determines the handling of the content data 
stored in the distributed content file based on the related 
decrypted usage control policy data. 
[0228] Also, a data providing system of a 61st aspect
of the present invention is a data providing system hav- 
ing a data providing apparatus, a data distribution ap- 
paratus, a management apparatus, a database device, 
and a data processing apparatus, wherein the data pro- 
viding apparatus encrypts content data by using content 
key data, produces a content file storing the related en- 
crypted content data, and stores the related produced 
content file in the database device, the management ap- 
paratus produces a key file storing the encrypted con- 
tent key data and encrypted usage control policy data 
indicating the handling of the content data and provides 
the related produced key file to the data providing ap- 
paratus, the data distribution apparatus distributes the 
content file obtained from the database device and the 
key file provided from the data distribution apparatus to 
the data processing apparatus by using a predeter- 
mined communication protocol but in a format not de- 
pending upon the related communication protocol or re- 
cording the same on a storage medium, and the data 
processing apparatus decrypts the content key data and 
the usage control policy data stored in the distributed 
key file and determines the handling of the content data 
stored in the distributed content file based on the related 
decrypted usage control policy data. 
[0229] Also, a data providing system of a 62nd aspect
of the present invention is a data providing system having
a data providing apparatus, a data distribution apparatus,
a management apparatus, a database device,
and a data processing apparatus, wherein the data providing
apparatus encrypts content data by using content
key data, produces a content file storing the related en- 
crypted content data, and stores the related produced 
content file in the database device, the management apparatus
produces a key file storing the encrypted content
key data and encrypted usage control policy data
indicating the handling of the content data and provides 
the related produced key file to the data processing ap- 
paratus, the data distribution apparatus distributes the 
content file obtained from the database device to the data
processing apparatus by using a predetermined communication
protocol but in a format not depending upon
the related communication protocol or recording the 
same on a storage medium, and the data processing 
apparatus decrypts the content key data and the usage
control policy data stored in the provided key file and
determines the handling of the content data stored in 
the distributed content file based on the related decrypt- 
ed usage control policy data. 

[0230] Also, a data providing system of a 63rd aspect 
of the present invention is a data providing system having
a plurality of data providing apparatuses, a data distribution
apparatus, a plurality of management apparatuses,
a database device, and a data processing apparatus,
wherein the data providing apparatuses encrypt
content data by using content key data, produce content
files storing the related encrypted content data, and 
store the related produced content files and key files 
provided from corresponding management apparatuses
in the database device, the management apparatuses
produce key files storing the encrypted content key
data and encrypted usage control policy data indicating 
the handling of the content data for the content data pro- 
vided by corresponding data providing apparatuses and 
provide the related produced key files to corresponding 
data providing apparatuses, the data distribution apparatus
distributes the content files and key files obtained
from the database device to the data processing appa- 
ratus by using a predetermined communication protocol 
but in a format not depending upon the related communication
protocol or recording the same on a storage medium,
and the data processing apparatus decrypts the
content key data and the usage control policy data 
stored in the distributed key files and determines the 
handling of the content data stored in the distributed 
content files based on the related decrypted usage control
policy data.

[0231] Also, a data providing system of a 64th aspect
of the present invention is a data providing system having
a plurality of data providing apparatuses, a data distribution
apparatus, a plurality of management apparatuses,
a database device, and a data processing apparatus,
wherein the data providing apparatuses encrypt
content data by using content key data, produce content
files storing the related encrypted content data, and
store the related produced content files in the database 
device, the management apparatuses produce key files 
storing the encrypted content key data and encrypted 
usage control policy data indicating the handling of the 
content data for the content data provided by corre- 
sponding data providing apparatuses and provide the 
related produced key files to the data distribution appa- 
ratus, the data distribution apparatus distributes the 
content files obtained from the database device and the 
key files provided from the management apparatuses to 
the data processing apparatus by using a predeter- 
mined communication protocol but in a format not de- 
pending upon the related communication protocol or re- 
cording the same on a storage medium, and the data 
processing apparatus decrypts the content key data and 
the usage control policy data stored in the distributed 
key files and determines the handling of the content data 
stored in the distributed content files based on the relat- 
ed decrypted usage control policy data. 
[0232] Also, a data providing system of a 65th aspect 
of the present invention is a data providing system hav- 
ing a plurality of data providing apparatuses, a data dis- 
tribution apparatus, a plurality of management appara- 
tuses, a database device, and a data processing appa- 
ratus, wherein the data providing apparatuses encrypt 
content data by using content key data, produce content 
files storing the related encrypted content data, and 
store the related produced content files in the database 
device, the management apparatuses produce key files 
storing the encrypted content key data and encrypted 
usage control policy data indicating the handling of the 
content data for the content data provided by corre- 
sponding data providing apparatuses and provide the 
related produced key files to the data processing appa- 
ratus, the data distribution apparatus distributes the 
content files obtained from the database device to the 
data processing apparatus by using a predetermined 
communication protocol but in a format not depending 
upon the related communication protocol or recording 
the same on a storage medium, and the data processing 
apparatus decrypts the content key data and the usage 
control policy data stored in the provided key files and 
determines the handling of the content data stored in 
the distributed content files based on the related de- 
crypted usage control policy data. 
[0233] Also, a data providing system of a 66th aspect
of the present invention is a data providing system having
a plurality of data providing apparatuses, a data distribution
apparatus, a plurality of management apparatuses,
a database device, and a data processing apparatus,
wherein the data providing apparatuses provide
master sources of content data to corresponding management
apparatuses and store content files and key
files received from the related management apparatuses
in the database, the management apparatuses encrypt
the master sources received from corresponding
data providing apparatuses by using content key data,
produce content files storing the related encrypted content
data, produce key files storing the encrypted content
key data and encrypted usage control policy data
indicating the handling of the content data for the content
data provided by corresponding data providing apparatuses,
and send the produced content files and the
produced key files to corresponding data providing apparatuses,
the data distribution apparatus distributes
the content files and key files obtained from the database
device to the data processing apparatus by using
a predetermined communication protocol but in a format
not depending upon the related communication protocol
or by recording the same on a storage medium, and the
data processing apparatus decrypts the content key data
and the usage control policy data stored in the distributed
key files and determines the handling of the content
data stored in the distributed content files based on
the related decrypted usage control policy data.
[0234] Also, a data providing system of a 67th aspect
of the present invention is a data providing system having
a plurality of data providing apparatuses, a data distribution
apparatus, a plurality of management apparatuses,
a database device, and a data processing apparatus,
wherein the data providing apparatuses provide
master sources of content data to corresponding management
apparatuses and store content files received
from the related management apparatuses in the database,
the management apparatuses encrypt the master
sources received from corresponding data providing apparatuses
by using content key data, produce content
files storing the related encrypted content data, send the
related produced content files to the data providing apparatuses,
produce key files storing the encrypted content
key data and encrypted usage control policy data
indicating the handling of the content data for the content
data provided by corresponding data providing apparatuses,
and send the related produced key files provided
from the management apparatuses to corresponding
data distribution apparatus, the data distribution
apparatus distributes the content files obtained from
the database device and key files provided from the
management apparatuses to the data processing apparatus
by using a predetermined communication protocol
but in a format not depending upon the related communication
protocol or by recording the same on a storage
medium, and the data processing apparatus decrypts
the content key data and the usage control policy data
stored in the distributed key files and determines the
handling of the content data stored in the distributed
content files based on the related decrypted usage control
policy data.

[0235] Also, a data providing system of a 68th aspect
of the present invention is a data providing system having
a plurality of data providing apparatuses, a data distribution
apparatus, a plurality of management apparatuses,
a database device, and a data processing apparatus,
wherein the data providing apparatuses provide
master sources of content data to corresponding management
apparatuses and store content files received
from the related management apparatuses in the database,
the management apparatuses encrypt the master
sources received from corresponding data providing apparatuses
by using content key data, produce content
files storing the related encrypted content data, send the
related produced content files to the data providing apparatuses,
produce key files storing the encrypted content
key data and encrypted usage control policy data
indicating the handling of the content data for the content
data provided by corresponding data providing apparatuses,
and send the related produced key files to
the data processing apparatus, the data distribution apparatus
distributes the content files obtained from the
database device to the data processing apparatus by
using a predetermined communication protocol but in a
format not depending upon the related communication
protocol or by recording the same on a storage medium,
and the data processing apparatus decrypts the content
key data and the usage control policy data stored in the
distributed key files and determines the handling of the
content data stored in the provided content files based
on the related decrypted usage control policy data.
[0236] Also, a data providing system of a 69th aspect
of the present invention is a data providing system having
a data providing apparatus, a data distribution apparatus,
and a data processing apparatus, wherein the
data providing apparatus provides a first module storing
content data encrypted by using content key data, the
encrypted content key data, and encrypted usage control
policy data indicating the handling of the content data
to the data distribution apparatus, performs charge
processing in units of the content data based on log data
received from the data processing apparatus, and performs
a profit distribution processing for distributing the
profit paid by interested parties of the data processing
apparatus to interested parties of the related data providing
apparatus and interested parties of the data distribution
apparatus, the data distribution apparatus distributes
a second module storing the encrypted content
data, content key data, and usage control policy data
stored in the provided first module to the data processing
apparatus by using a predetermined communication
protocol but in a format not depending upon the related
communication protocol or by recording the same on a
storage medium, and the data processing apparatus decrypts
the content key data and the usage control policy
data stored in the distributed module, determines the
handling of the content data based on the related decrypted
usage control policy data, produces the log data
for the handling of the related content data, and sends
the related log data to the data providing apparatus.
[0237] Also, a data providing system of a 70th aspect 
of the present invention is a data providing system having
a data providing apparatus, a data distribution apparatus,
and a management apparatus, wherein the data
providing apparatus provides content data, the data
distribution apparatus distributes the content file provided
from the data providing apparatus or a content file in
accordance with the content data provided by the data 
providing apparatus provided from the management ap- 
paratus to the data processing apparatus, and the data 
processing apparatus decrypts the usage control policy 
data stored in a key file received from the data distribu- 
tion apparatus or the management apparatus, deter- 
mines the handling of the content data stored in the con- 
tent file received from the data distribution apparatus or 
the management apparatus based on the related de- 
crypted usage control policy data, and further distributes 
the content file and key file received from the data dis- 
tribution apparatus or the management apparatus to the 
other data processing apparatus. 
[0238] Also, a data providing method of a 34th aspect 
of the present invention is a data providing method for 
distributing content data from a data providing appara- 
tus to a data processing apparatus, comprising the 
steps of distributing a module storing the content data 
encrypted by using content key data, the encrypted con- 
tent key data, and encrypted usage control policy data 
indicating the handling of the content data from the data 
providing apparatus to the data processing apparatus 
by using a predetermined communication protocol but 
in a format not depending upon the related communica- 
tion protocol or recording the same on a storage medi- 
um, and in the data processing apparatus, decrypting 
the content key data and the usage control policy data 
stored in the distributed module and determining the 
handling of the content data based on the related de- 
crypted usage control policy data. 
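The 34th-aspect flow above, sketched as an added Go example that is not part of the patent text: the providing side seals the content under a fresh content key and seals that key together with the usage control policy under a distribution key, and the processing side decrypts the policy and consults it before releasing any content. AES-GCM, the single sealed `KeyFile` blob, the context-string binding and every identifier are assumptions of this example.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/json"
	"errors"
	"fmt"
)

// KeyFile is sealed as one blob, so a policy cannot be detached from its key.
type KeyFile struct {
	ContentKey []byte          `json:"content_key"`
	Policy     map[string]bool `json:"policy"` // hypothetical: handling -> permitted
}

// Module is the distributed unit; its JSON form is independent of any transport.
type Module struct {
	ContentID  string `json:"content_id"`
	EncContent []byte `json:"enc_content"`  // content under the content key
	EncKeyFile []byte `json:"enc_key_file"` // KeyFile under the distribution key
}

var ErrDenied = errors.New("usage control policy does not permit this handling")

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// seal encrypts with AES-GCM, prepends the nonce and authenticates context.
func seal(key, plaintext []byte, context string) ([]byte, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, plaintext, []byte(context)), nil
}

func unseal(key, blob []byte, context string) ([]byte, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	n := gcm.NonceSize()
	if len(blob) < n {
		return nil, errors.New("sealed blob too short")
	}
	return gcm.Open(nil, blob[:n], blob[n:], []byte(context))
}

// BuildModule is the providing side; each module gets a fresh content key.
func BuildModule(distKey []byte, id string, content []byte, policy map[string]bool) (Module, error) {
	m := Module{ContentID: id}
	kf := KeyFile{ContentKey: make([]byte, 32), Policy: policy}
	if _, err := rand.Read(kf.ContentKey); err != nil {
		return Module{}, err
	}
	kfJSON, err := json.Marshal(kf)
	if err != nil {
		return Module{}, err
	}
	if m.EncContent, err = seal(kf.ContentKey, content, "content|"+id); err != nil {
		return Module{}, err
	}
	m.EncKeyFile, err = seal(distKey, kfJSON, "keyfile|"+id)
	return m, err
}

// Handle is the processing side: policy is checked before content is released.
func Handle(distKey []byte, m Module, action string) ([]byte, error) {
	kfJSON, err := unseal(distKey, m.EncKeyFile, "keyfile|"+m.ContentID)
	if err != nil {
		return nil, fmt.Errorf("key file: %w", err)
	}
	var kf KeyFile
	if err := json.Unmarshal(kfJSON, &kf); err != nil {
		return nil, err
	}
	if !kf.Policy[action] {
		return nil, ErrDenied
	}
	return unseal(kf.ContentKey, m.EncContent, "content|"+m.ContentID)
}

func main() {
	distKey := make([]byte, 32) // constructed all-zero demo key
	mod, _ := BuildModule(distKey, "track-001", []byte("constructed sample"), map[string]bool{"play": true})
	_, err := Handle(distKey, mod, "copy")
	fmt.Println("copy:", err)
}
```

Because the key file and the content are each authenticated against the content ID, a permissive key file taken from another module fails to open instead of unlocking this module's content.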
[0239] Also, a data providing method of a 35th aspect
of the present invention is a data providing method for 
distributing content data from a data providing appara- 
tus to a data processing apparatus and managing the 
data providing apparatus and the data processing ap- 
paratus by a management apparatus, comprising the 
steps of, in the management apparatus, preparing a key 
file storing encrypted content key data and encrypted 
usage control policy data indicating the handling of the 
content data, distributing the produced key file from the 
management apparatus to the data providing appara- 
tus, and distributing a module storing a content file stor- 
ing the content data encrypted by using the content key 
data and the key file distributed from the management 
apparatus from the data providing apparatus to the data 
processing apparatus by using a predetermined com- 
munication protocol but in a format not depending upon 
the related communication protocol or recording the 
same on a storage medium, and in the data processing 
apparatus, decrypting the content key data and the us- 
age control policy data stored in the distributed module 
and determining the handling of the content data based 
on the related decrypted usage control policy data. 
[0240] Also, a data providing method of a 36th aspect 
of the present invention is a data providing method for 
distributing content data from a data providing apparatus
to a data processing apparatus and managing the
data providing apparatus and the data processing apparatus
by a management apparatus, comprising the
steps of, in the management apparatus, preparing a key 
file storing encrypted content key data and encrypted 
usage control policy data indicating the handling of the 
content data, in the data providing apparatus, distribut- 
ing a module storing a content file containing the content 
data encrypted by using the content key data and a key 
file received from the management apparatus to the da- 
ta processing apparatus by using a predetermined com- 
munication protocol but in a format not depending upon 
the related communication protocol or recording the 
same on a storage medium, and in the data processing 
apparatus, decrypting the content key data and the us- 
age control policy data stored in the distributed module 
and determining the handling of the content data based 
on the related decrypted usage control policy data. 
[0241] Also, a data providing method of a 37th aspect 
of the present invention is a data providing method for 
distributing content data from a data providing appara- 
tus to a data processing apparatus and managing the 
data providing apparatus and the data processing ap- 
paratus by a management apparatus, comprising the 
steps of, in the management apparatus, preparing a key 
file storing encrypted content key data and encrypted 
usage control policy data indicating the handling of the 
content data, distributing the related produced key file 
from the management apparatus to the data providing 
apparatus, and individually distributing a content file 
storing the content data encrypted by using the content 
key data and the key file distributed from the manage- 
ment apparatus from the data providing apparatus to the 
data processing apparatus by using a predetermined 
communication protocol but in a format not depending 
upon the related communication protocol or recording 
the same on a storage medium, and in the data process- 
ing apparatus, decrypting the content key data and the 
usage control policy data stored in the distributed key 
file and determining the handling of the content data 
stored in the distributed content file based on the related 
decrypted usage control policy data. 
[0242] Also, a data providing method of a 38th aspect 
of the present invention is a data providing method for 
distributing content data from a data providing appara- 
tus to a data processing apparatus and managing the 
data providing apparatus and the data processing ap- 
paratus by a management apparatus, comprising the 
steps of, in the management apparatus, preparing a key 
file storing encrypted content key data and encrypted 
usage control policy data indicating the handling of the 
content data, distributing the related produced key file 
from the management apparatus to the data processing 
apparatus, and distributing a content file storing the con- 
tent data encrypted by using the content key data from 
the data providing apparatus to the data processing ap- 
paratus by using a predetermined communication pro- 
tocol but in a format not depending upon the related 
communication protocol or recording the same on a
storage medium, and in the data processing apparatus,
decrypting the content key data and the usage control
policy data stored in the distributed key file and determining
the handling of the content data stored in the distributed
content file based on the related decrypted usage
control policy data.

[0243] Also, a data providing method of a 39th aspect 
of the present invention is a data providing method for 
distributing content data from a data providing apparatus
to a data processing apparatus and managing the
data providing apparatus and the data processing apparatus
by a management apparatus, comprising the
steps of, in the management apparatus, preparing a key
file storing encrypted content key data and encrypted
usage control policy data indicating the handling of the
content data, in the data providing apparatus, distributing
a module storing the content data encrypted by using
the content key data and the key file received from the 
management apparatus to the data processing appara- 
tus by using a predetermined communication protocol 
but in a format not depending upon the related commu- 
nication protocol or recording the same on a storage me- 
dium, and in the data processing apparatus, decrypting 
the content key data and the usage control policy data 
stored in the distributed module and determining the 
handling of the content data based on the related de- 
crypted usage control policy data. 
[0244] Also, a data providing method of a 40th aspect 
of the present invention is a data providing method for 
distributing content data from a data providing appara- 
tus to a data processing apparatus and managing the 
data providing apparatus and the data processing ap- 
paratus by a management apparatus, comprising the 
steps of, in the management apparatus, preparing a key 
file storing encrypted content key data and encrypted 
usage control policy data indicating the handling of the 
content data, in the data providing apparatus, individu- 
ally distributing the content data encrypted by using the 
content key data and the key file received from the man- 
agement apparatus to the data processing apparatus by 
using a predetermined communication protocol but in a 
format not depending upon the related communication 
protocol or recording the same on a storage medium, 
and in the data processing apparatus, decrypting the 
content key data and the usage control policy data 
stored in the distributed key file and determining the 
handling of the distributed content data based on the 
related decrypted usage control policy data. 
[0245] Also, a data providing method of a 41st aspect
of the present invention is a data providing method for 
distributing content data from a data providing appara- 
tus to a data processing apparatus and managing the 
data providing apparatus and the data processing ap- 
paratus by a management apparatus, comprising the 
steps of, in the management apparatus, preparing a key 
file storing encrypted content key data and encrypted 
usage control policy data indicating the handling of the 
content data and distributing the related produced key
file to the data processing apparatus, in the data providing
apparatus, distributing the content data encrypted
by using the content key data to the data processing apparatus
by using a predetermined communication protocol
but in a format not depending upon the related
communication protocol or recording the same on a
storage medium, and in the data processing apparatus,
decrypting the content key data and the usage control
policy data stored in the distributed key file and determining
the handling of the distributed content data
based on the related decrypted usage control policy data.

[0246] Also, a data providing method of a 42nd aspect
of the present invention is a data providing method for
distributing content data from a data providing apparatus
to a data processing apparatus and managing the
data providing apparatus and the data processing apparatus
by a management apparatus, comprising the
steps of, in the management apparatus, preparing encrypted
content key data and encrypted usage control
policy data indicating the handling of the content data,
in the data providing apparatus, individually distributing
the content data encrypted by using the content key data
and the encrypted content key data and the encrypted
usage control policy data received from the management
apparatus to the data processing apparatus by using
a predetermined communication protocol but in a
format not depending upon the related communication
protocol or recording the same on a storage medium,
and in the data processing apparatus, decrypting the
distributed content key data and the usage control policy
data and determining the handling of the content data
stored in the distributed content file based on the related
decrypted usage control policy data.

[0247] Also, a data providing method of a 43rd aspect
of the present invention is a data providing method for
distributing content data from a data providing apparatus
to a data processing apparatus and managing the
data providing apparatus and the data processing apparatus
by a management apparatus, comprising the
steps of, in the management apparatus, preparing encrypted
content key data and encrypted usage control
policy data indicating the handling of the content data
and distributing the same to the data processing apparatus,
in the data providing apparatus, distributing the
content data encrypted by using the content key data to
the data processing apparatus by using a predetermined
communication protocol but in a format not depending
upon the related communication protocol or recording
the same on a storage medium, and in the data
processing apparatus, decrypting the distributed content
key data and the usage control policy data and determining
the handling of the distributed content data
based on the related decrypted usage control policy data.
[0248] Also, a data providing method of a 44th aspect 
of the present invention is a data providing method using 
a data providing apparatus, a data distribution apparatus,
and a data processing apparatus, comprising the
steps of providing a first module storing content data encrypted
by using content key data, the encrypted content
key data, and encrypted usage control policy data
indicating the handling of the content data from the data
providing apparatus to the data distribution apparatus,
distributing a second module storing the encrypted content
data, content key data, and the usage control policy
data stored in the provided first module from the data
distribution apparatus to the data processing apparatus
by using the content key data to the data processing ap- 
paratus by using a predetermined communication pro- 
tocol but in a format not depending upon the related 
communication protocol or recording the same on a 
storage medium, and in the data processing apparatus, 
decrypting the content key data and the usage control 
policy data stored in the distributed second module and 
determining the handling of the content data based on 
the related decrypted usage control policy data. 
[0249] Also, a data providing method of a 45th aspect 
of the present invention is a data providing method for 
providing content data from a data providing apparatus 
to a data distribution apparatus, distributing the content 
data from the data distribution apparatus to a data 
processing apparatus, and managing the data providing 
apparatus, the data distribution apparatus, and the data 
processing apparatus by a management apparatus, 
comprising the steps of, in the management apparatus, 
preparing a key file storing encrypted content key data 
and encrypted usage control policy data indicating the 
handling of the content data, distributing the related pro- 
duced key file from the management apparatus to the 
data providing apparatus, providing a first module stor- 
ing a content file storing the content data encrypted by 
using the content key data and the key file received from 
the management apparatus from the data providing ap- 
paratus to the data distribution apparatus, and distribut- 
ing a second module storing the provided content file 
and the key file from the data distribution apparatus to 
the data processing apparatus by using a predeter- 
mined communication protocol but in a format not de- 
pending upon the related communication protocol or re- 
cording the same on a storage medium, and in the data 
processing apparatus, decrypting the content key data 
and the usage control policy data stored in the distrib- 
uted second module and determining the handling of the 
content data stored in the distributed second module 
based on the related decrypted usage control policy da- 
ta. 

[0250] Also, a data providing method of a 46th aspect 
of the present invention is a data providing method for 
providing content data from a data providing apparatus 
to a data distribution apparatus, distributing the content 
data from the data distribution apparatus to a data 
processing apparatus, and managing the data providing 
apparatus, the data distribution apparatus and the data 
processing apparatus by a management apparatus, 
comprising the steps of, in the management apparatus,
preparing a key file storing encrypted content key data
and encrypted usage control policy data indicating the
handling of the content data, in the data providing apparatus,
providing a first module storing a content file
containing the content data encrypted by using the content
key data and a key file received from the management
apparatus to the data distribution apparatus, in the
data distribution apparatus, distributing a second module
storing the provided content file to the data processing
apparatus by using a predetermined communication
protocol but in a format not depending upon the related
communication protocol or recording the same on a
storage medium, and in the data processing apparatus,
decrypting the content key data and the usage control
policy data stored in the distributed second module and
determining the handling of the content data stored in
the distributed second module based on the related decrypted
usage control policy data.
[0251] Also, a data providing method of a 47th aspect
of the present invention is a data providing method for
providing content data from a data providing apparatus
to a data distribution apparatus, distributing the content
data from the data distribution apparatus to a data
processing apparatus, and managing the data providing
apparatus, the data distribution apparatus, and the data
processing apparatus by a management apparatus,
comprising the steps of, in the management apparatus,
preparing a key file storing encrypted content key data
and encrypted usage control policy data indicating the
handling of the content data, distributing the produced
key file from the management apparatus to the data providing
apparatus, individually providing a content file
storing the content data encrypted by using the content
key data and the key file received from the management
apparatus from the data providing apparatus to the data
distribution apparatus by using a predetermined communication
protocol but in a format not depending upon
the related communication protocol or recording the
same on a storage medium, and individually distributing
the distributed content file and the key file from the data
distribution apparatus to the data distribution apparatus, 
and in the data processing apparatus, decrypting the 
content key data and the usage control policy data 
stored in the distributed key file and determining the 
handling of the content data stored in the distributed 
content file based on the related decrypted usage con- 
trol policy data. 

[0252] Also, a data providing method of a 48th aspect 
of the present invention is a data providing method for 
providing content data from a data providing apparatus
to a data distribution apparatus and managing the data
providing apparatus and the data processing apparatus
by a management apparatus, comprising the steps of,
in the management apparatus, preparing a key file storing
encrypted content key data and encrypted usage
control policy data indicating the handling of the content
data, distributing the related produced key file from the
management apparatus to the data processing apparatus,
providing a content file storing the content data encrypted
by using the content key data from the data providing
apparatus to the data distribution apparatus, distributing
the provided content file from the data distribution
apparatus to the data processing apparatus by using
a predetermined communication protocol but in a
format not depending upon the related communication
protocol or recording the same on a storage medium,
and in the data processing apparatus, decrypting the 
content key data and the usage control policy data 
stored in the distributed key file and determining the 
handling of the content data stored in the distributed 
content file based on the related decrypted usage con- 
trol policy data. 

[0253] Also, a data providing method of a 49th aspect 
of the present invention is a data providing method for 
providing content data from a data providing apparatus 
to a data distribution apparatus, distributing the content 
data from the data distribution apparatus to a data 
processing apparatus, and managing the data providing 
apparatus, the data distribution apparatus, and the data 
processing apparatus by a management apparatus, 
comprising the steps of, in the management apparatus,
preparing a key file storing encrypted content key data 
and encrypted usage control policy data indicating the 
handling of the content data, in the data providing ap- 
paratus, providing a first module storing the content data 
encrypted by using the content key data and the key file 
received from the management apparatus to the data 
distribution apparatus, in the data distribution appara- 
tus, distributing a second module storing the provided 
content data and the key file to the data processing ap- 
paratus by using a predetermined communication pro- 
tocol but in a format not depending upon the related 
communication protocol or recording the same on a 
storage medium, and in the data processing apparatus, 
decrypting the content key data and the usage control 
policy data stored in the distributed second module and 
determining the handling of the content data stored in 
the distributed second module based on the related de- 
crypted usage control policy data. 
[0254] Also, a data providing method of a 50th aspect 
of the present invention is a data providing method for 
providing content data from a data providing apparatus 
to a data distribution apparatus, distributing the content 
data from the data distribution apparatus to a data 
processing apparatus, and managing the data providing 
apparatus, the data distribution apparatus, and the data 
processing apparatus by a management apparatus, 
comprising the steps of, in the management apparatus, 
preparing a key file storing encrypted content key data 
and encrypted usage control policy data indicating the 
handling of the content data, in the data providing ap- 
paratus, individually providing the content data encrypt- 
ed by using the content key data and the key file re- 
ceived from the management apparatus to the data dis- 
tribution apparatus, in the data distribution apparatus, 
individually distributing the distributed content data and
the key file to the data distribution apparatus by using a
predetermined communication protocol but in a format 
not depending upon the related communication protocol 
or recording the same on a storage medium, and in the 
data processing apparatus, decrypting the content key 
data and the usage control policy data stored in the dis- 
tributed key file and determining the handling of the dis- 
tributed content data based on the related decrypted us- 
age control policy data. 

[0255] Also, a data providing method of a 51st aspect
of the present invention is a data providing method for 
distributing content data from a data providing appara- 
tus to a data processing apparatus and managing the 
data providing apparatus and the data processing ap- 
paratus by a management apparatus, comprising the 
steps of, in the management apparatus, preparing a key 
file storing encrypted content key data and encrypted 
usage control policy data indicating the handling of the 
content data and distributing the related produced key 
file to the data processing apparatus, in the data provid- 
ing apparatus, providing the content data encrypted by 
using the content key data to the data distribution appa- 
ratus, in the data distribution apparatus, distributing the 
provided content data to the data processing apparatus, 
and in the data processing apparatus, decrypting the 
content key data and the usage control policy data 
stored in the distributed key file and determining the 
handling of the distributed content data based on the 
related decrypted usage control policy data. 
[0256] Also, a data providing method of a 52nd aspect 
of the present invention is a data providing method for 
providing content data from a data providing apparatus 
to a data distribution apparatus, distributing the content 
data from the data distribution apparatus to a data 
processing apparatus, and managing the data providing 
apparatus, the data distribution apparatus, and the data 
processing apparatus by a management apparatus, 
comprising the steps of, in the management apparatus, 
providing encrypted content key data and encrypted us- 
age control policy data indicating the handling of the 
content data to the data providing apparatus, in the data 
providing apparatus, individually distributing the content 
data encrypted by using the content key data and the 
encrypted content key data and the encrypted usage 
control policy data received from the management ap- 
paratus to the data distribution apparatus, in the data 
distribution apparatus, individually distributing the dis-
tributed content data, the encrypted content key data,
and the encrypted usage control policy data to the data 
distribution apparatus by using a predetermined com- 
munication protocol but in a format not depending upon 
the related communication protocol or recording the 
same on a storage medium, and in the data processing 
apparatus, decrypting the distributed content key data 
and the usage control policy data and determining the 
handling of the distributed content data based on the 
related decrypted usage control policy data. 
[0257] Also, a data providing method of a 53rd aspect
of the present invention is a data providing method for
providing content data from a data providing apparatus
to a data distribution apparatus, distributing the content
data from the data distribution apparatus to a data
processing apparatus, and managing the data providing
apparatus, the data distribution apparatus, and the data
processing apparatus by a management apparatus,
comprising the steps of, in the management apparatus,
distributing encrypted content key data and encrypted
usage control policy data indicating the handling of the
content data to the data processing apparatus, in the
data providing apparatus, providing the content data en-
crypted by using the content key data to the data distri-
bution apparatus, the data distribution apparatus distrib-
uting the provided content data to the data processing
apparatus by using a predetermined communication
protocol but in a format not depending upon the related
communication protocol by recording the same on a
storage medium, and in the data processing apparatus,
decrypting the distributed content key data and the us-
age control policy data and determining the handling of
the distributed content data based on the related de-
crypted usage control policy data.
[0258] Also, a data providing method of a 54th aspect
of the present invention is a data providing method using
a data providing apparatus, a data distribution appara-
tus, a management apparatus, and a data processing
apparatus, wherein the data providing apparatus pro-
vides master source data of content to the management
apparatus, the management apparatus manages the
data providing apparatus, the data distribution appara-
tus, and the data processing apparatus, encrypts the
provided master source data by using content key data
to produce content data, produces a content file storing
the related content data, produces a key file storing the
encrypted content key data and encrypted usage control
policy data indicating the handling of the content data,
and provides the content file and the key file to the data
distribution apparatus, the data distribution apparatus
distributes the provided content file and the key file to
the data processing apparatus by using a predeter-
mined communication protocol but in a format not de-
pending upon the related communication protocol or by
recording the same on a storage medium, and the data
processing apparatus decrypts the content key data and
the usage control policy data stored in the distributed
key file and determines the handling of the content data
stored in the distributed content file based on the related
decrypted usage control policy data.

[0259] Also, a data providing method of a 55th aspect
of the present invention is a data providing method using
a data providing apparatus, a data distribution appara-
tus, a management apparatus, and a data processing
apparatus, wherein the data providing apparatus pro-
vides master source data of content to the management
apparatus, the management apparatus manages the
data providing apparatus, the data distribution appara-
tus, and the data processing apparatus, encrypts the
provided master source data by using content key data
to produce content data, produces a content file storing
the related content data, produces a key file storing the
encrypted content key data and encrypted usage control
policy data indicating the handling of the content data,
and provides the content file to the data distribution ap-
paratus and provides the key file to the data processing
apparatus, the data distribution apparatus distributes
the provided content file to the data processing appara-
tus by using a predetermined communication protocol
but in a format not depending upon the related commu-
nication protocol or by recording the same on a storage
medium, and the data processing apparatus decrypts
the content key data and the usage control policy data
stored in the provided key file and determines the han-
dling of the content data stored in the distributed content
file based on the related decrypted usage control policy
data.

[0260] Also, a data providing method of a 56th aspect
of the present invention is a data providing method using
a data providing apparatus, a data distribution appara-
tus, a management apparatus, and a data processing
apparatus, wherein the data providing apparatus pro-
vides a content file storing encrypted content data using
content key data to the management apparatus, the
management apparatus manages the data providing
apparatus, the data distribution apparatus, and the data
processing apparatus, produces a key file storing the
encrypted content key data and encrypted usage control
policy data indicating the handling of the content data,
and provides the content file provided from the data pro-
viding apparatus and the produced key file to the data
distribution apparatus, the data distribution apparatus
distributes the provided content file and the key file to
the data processing apparatus by using a predeter-
mined communication protocol but in a format not de-
pending upon the related communication protocol or by
recording the same on a storage medium, and the data
processing apparatus decrypts the content key data and
the usage control policy data stored in the distributed
key file and determines the handling of the content data
stored in the distributed content file based on the related
decrypted usage control policy data.
[0261] Also, a data providing method of a 57th aspect
of the present invention is a data providing method using
a data providing apparatus, a data distribution appara-
tus, a management apparatus, and a data processing
apparatus, wherein the data providing apparatus pro-
vides a content file storing encrypted content data using
content key data to the management apparatus, the
management apparatus manages the data providing
apparatus, the data distribution apparatus, and the data
processing apparatus, produces a key file storing the
encrypted content key data and encrypted usage control
policy data indicating the handling of the content data,
provides the content file provided from the data provid-
ing apparatus to the data distribution apparatus and pro-
vides the produced key file to the data processing ap-
paratus, the data distribution apparatus distributes the
provided content file to the data processing apparatus
by using a predetermined communication protocol but
in a format not depending upon the related communica-
tion protocol or by recording the same on a storage me-
dium, and the data processing apparatus decrypts the
content key data and the usage control policy data
stored in the provided key file and determines the han-
dling of the content data stored in the distributed content
file based on the related decrypted usage control policy
data.

[0262] Also, a data providing method of a 58th aspect 
of the present invention is a data providing method using 
a data providing apparatus, a data distribution appara- 
tus, a management apparatus, a database device, and 
a data processing apparatus, wherein the data providing 
apparatus encrypts content data by using content key 
data, produces a content file storing the related encrypt- 
ed content data, and stores the related produced con- 
tent file and a key file provided from the management 
apparatus in the database device, the management ap- 
paratus produces a key file storing the encrypted con- 
tent key data and encrypted usage control policy data 
indicating the handling of the content data and provides 
the related produced key file to the data providing ap- 
paratus, the data distribution apparatus distributes the 
content file and key file obtained from the database de- 
vice to the data processing apparatus by using a prede- 
termined communication protocol but in a format not de- 
pending upon the related communication protocol or by 
recording the same on a storage medium, and the data 
processing apparatus decrypts the content key data and 
the usage control policy data stored in the distributed 
key file and determines the handling of the content data 
stored in the distributed content file based on the related 
decrypted usage control policy data. 
[0263] Also, a data providing method of a 59th aspect 
of the present invention is a data providing method using 
a data providing apparatus, a data distribution appara- 
tus, a management apparatus, a database device, and 
a data processing apparatus, wherein the data providing 
apparatus encrypts content data by using content key 
data, produces a content file storing the related encrypt- 
ed content data, and stores the related produced con- 
tent file in the database device, the management appa- 
ratus produces a key file storing the encrypted content 
key data and encrypted usage control policy data indi- 
cating the handling of the content data and provides the 
related produced key file to the data distribution appa- 
ratus, the data distribution apparatus distributes the 
content file obtained from the database device and the 
key file provided from the data distribution apparatus to 
the data processing apparatus by using a predeter- 
mined communication protocol but in a format not de- 
pending upon the related communication protocol or by 
recording the same on a storage medium, and the data 
processing apparatus decrypts the content key data and 
the usage control policy data stored in the distributed 
key file and determines the handling of the content data
stored in the distributed content file based on the related 
decrypted usage control policy data. 
[0264] Also, a data providing method of a 60th aspect 
of the present invention is a data providing method using 
a data providing apparatus, a data distribution appara- 
tus, a management apparatus, a database device, and 
a data processing apparatus, wherein the data providing 
apparatus encrypts content data by using content key 
data, produces a content file storing the related encrypt- 
ed content data, and stores the related produced con- 
tent file in the database device, the management appa- 
ratus produces a key file storing the encrypted content 
key data and encrypted usage control policy data indi- 
cating the handling of the content data and provides the 
related produced key file to the data processing appa- 
ratus, the data distribution apparatus distributes the 
content file obtained from the database device to the da- 
ta processing apparatus by using a predetermined com- 
munication protocol but in a format not depending upon 
the related communication protocol or by recording the 
same on a storage medium, and the data processing 
apparatus decrypts the content key data and the usage 
control policy data stored in the provided key file and 
determines the handling of the content data stored in 
the distributed content file based on the related decrypt- 
ed usage control policy data. 
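
The key file and content file flow of the aspects above, shown for the 60th-aspect routing in which the management apparatus hands the key file straight to the data processing apparatus, as an added Python example that is not taken from the patent. Assumptions: HMAC-SHA256 in counter mode with encrypt-then-MAC stands in for the ciphers, which this passage does not specify; the distribution key is already shared; both files are bound to the content ID; the policy field `purchase_forms` and its values are constructed.

```python
import hashlib
import hmac
import json
import secrets

NONCE_LEN, TAG_LEN = 16, 32


def _subkey(key: bytes, label: bytes) -> bytes:
    # Independent encryption and MAC keys derived from one key.
    return hmac.new(key, b"subkey:" + label, hashlib.sha256).digest()


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    # HMAC-SHA256 in counter mode: stdlib-only stand-in for a real cipher (assumption).
    blocks = [hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range((length + 31) // 32)]
    return b"".join(blocks)[:length]


def _tag(key: bytes, aad: bytes, nonce: bytes, ciphertext: bytes) -> bytes:
    msg = len(aad).to_bytes(4, "big") + aad + nonce + ciphertext
    return hmac.new(_subkey(key, b"mac"), msg, hashlib.sha256).digest()


def seal(key: bytes, plaintext: bytes, aad: bytes = b"") -> bytes:
    """Encrypt-then-MAC; aad is authenticated but not encrypted."""
    nonce = secrets.token_bytes(NONCE_LEN)
    stream = _keystream(_subkey(key, b"enc"), nonce, len(plaintext))
    ciphertext = bytes(p ^ s for p, s in zip(plaintext, stream))
    return nonce + ciphertext + _tag(key, aad, nonce, ciphertext)


def unseal(key: bytes, blob: bytes, aad: bytes = b"") -> bytes:
    """Verify the tag first; raise ValueError on any modification or wrong aad."""
    if len(blob) < NONCE_LEN + TAG_LEN:
        raise ValueError("blob too short")
    nonce, ciphertext, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    if not hmac.compare_digest(tag, _tag(key, aad, nonce, ciphertext)):
        raise ValueError("integrity check failed")
    stream = _keystream(_subkey(key, b"enc"), nonce, len(ciphertext))
    return bytes(c ^ s for c, s in zip(ciphertext, stream))


def make_content_file(content_id: str, content_key: bytes, source: bytes) -> dict:
    # Data providing apparatus: content data encrypted with the content key.
    return {"content_id": content_id,
            "data": seal(content_key, source, content_id.encode())}


def make_key_file(content_id: str, distribution_key: bytes,
                  content_key: bytes, policy: dict) -> dict:
    # Management apparatus: encrypted content key plus encrypted usage control policy.
    cid = content_id.encode()
    return {"content_id": content_id,
            "enc_content_key": seal(distribution_key, content_key, cid + b"|kc"),
            "enc_policy": seal(distribution_key, json.dumps(policy).encode(), cid + b"|ucp")}


def determine_handling(distribution_key: bytes, key_file: dict,
                       content_file: dict, requested_form: str):
    # Data processing apparatus: decrypt key and policy, then decide on handling.
    cid = content_file["content_id"].encode()
    content_key = unseal(distribution_key, key_file["enc_content_key"], cid + b"|kc")
    policy = json.loads(unseal(distribution_key, key_file["enc_policy"], cid + b"|ucp"))
    if requested_form not in policy["purchase_forms"]:
        return ("denied", None)
    return ("granted", unseal(content_key, content_file["data"], cid))


def _attempt(distribution_key, key_file, content_file, form) -> str:
    try:
        determine_handling(distribution_key, key_file, content_file, form)
        return "accepted"
    except ValueError:
        return "rejected"


def demo() -> dict:
    # All keys, IDs, policies and content below are constructed sample values.
    dk = secrets.token_bytes(32)
    kc_a, kc_b = secrets.token_bytes(32), secrets.token_bytes(32)
    cf_a = make_content_file("CID-A", kc_a, b"constructed sample audio A")
    kf_a = make_key_file("CID-A", dk, kc_a, {"purchase_forms": ["sell_through"]})
    kf_b = make_key_file("CID-B", dk, kc_b,
                         {"purchase_forms": ["sell_through", "pay_per_play"]})
    # Key file A carrying content B's more permissive policy blob.
    spliced = dict(kf_a, enc_policy=kf_b["enc_policy"])
    # Key file A with one bit of the policy blob flipped.
    blob = kf_a["enc_policy"]
    tampered = dict(kf_a, enc_policy=blob[:-1] + bytes([blob[-1] ^ 1]))
    return {
        "permitted": determine_handling(dk, kf_a, cf_a, "sell_through"),
        "not_permitted": determine_handling(dk, kf_a, cf_a, "pay_per_play"),
        "spliced_policy": _attempt(dk, spliced, cf_a, "pay_per_play"),
        "tampered_policy": _attempt(dk, tampered, cf_a, "sell_through"),
    }


if __name__ == "__main__":
    for case, outcome in demo().items():
        print(case, outcome)
```

The last two cases show why the encrypted policy has to be integrity-bound to its content: a policy blob sealed under the same distribution key for other content is rejected rather than honoured.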

[0265] Also, a data providing method of a 61st aspect
of the present invention is a data providing method using 
a plurality of data providing apparatuses, a data distri- 
bution apparatus, a plurality of management apparatus- 
es, a database device, and a data processing appara- 
tus, wherein the data providing apparatuses encrypt 
content data by using content key data, produce content 
files storing the related encrypted content data, and 
store the related produced content files and key files 
provided from corresponding management apparatus- 
es in the database device, the management apparatus- 
es produce key files storing the encrypted content key 
data and encrypted usage control policy data indicating 
the handling of the content data for the content data pro- 
vided by corresponding data providing apparatuses and 
provide the related produced key files to corresponding 
data providing apparatuses, the data distribution appa- 
ratus distributes the content files and key files obtained 
from the database device to the data processing appa- 
ratus by using a predetermined communication protocol 
but in a format not depending upon the related commu- 
nication protocol or by recording the same on a storage 
medium, and the data processing apparatus decrypts 
the content key data and the usage control policy data 
stored in the distributed key files and determines the 
handling of the content data stored in the distributed 
content files based on the related decrypted usage con- 
trol policy data. 

[0266] Also, a data providing method of a 62nd aspect
of the present invention is a data providing method using
a plurality of data providing apparatuses, a data distri-
bution apparatus, a plurality of management apparatus-
es, a database device, and a data processing appara-
tus, wherein the data providing apparatuses encrypt
content data by using content key data, produce content
files storing the related encrypted content data, and
store the related produced content files in the database
device, the management apparatuses produce key files
storing the encrypted content key data and encrypted
usage control policy data indicating the handling of the
content data for the content data provided by corre-
sponding data providing apparatuses and provide the
related produced key files to the data distribution appa-
ratus, the data distribution apparatus distributes the
content files obtained from the database device and the
key files provided from the management apparatuses to
the data processing apparatus by using a predeter-
mined communication protocol but in a format not de-
pending upon the related communication protocol or by
recording the same on a storage medium, and the data
processing apparatus decrypts the content key data and
the usage control policy data stored in the distributed
key files and determines the handling of the content data
stored in the distributed content files based on the relat-
ed decrypted usage control policy data.

[0267] Also, a data providing method of a 63rd aspect
of the present invention is a data providing method using
a plurality of data providing apparatuses, a data distri-
bution apparatus, a plurality of management apparatus-
es, a database device, and a data processing appara-
tus, wherein the data providing apparatuses encrypt
content data by using content key data, produce content
files storing the related encrypted content data, and
store the related produced content files in the database
device, the management apparatuses produce key files
storing the encrypted content key data and encrypted
usage control policy data indicating the handling of the
content data for the content data provided by corre-
sponding data providing apparatuses and provide the
related produced key files to the data processing appa-
ratus, the data distribution apparatus distributes the
content files obtained from the database device to the
data processing apparatus by using a predetermined
communication protocol but in a format not depending
upon the related communication protocol or by record-
ing the same on a storage medium, and the data
processing apparatus decrypts the content key data and
the usage control policy data stored in the provided key
files and determines the handling of the content data
stored in the distributed content files based on the relat-
ed decrypted usage control policy data.

[0268] Also, a data providing method of a 64th aspect
of the present invention is a data providing method using
a plurality of data providing apparatuses, a data distri-
bution apparatus, a plurality of management apparatus-
es, a database device, and a data processing appara-
tus, wherein the data providing apparatuses provide
master sources of content data to corresponding man-
agement apparatuses and store content files and key
files received from the related management apparatus-
es in the database, the management apparatuses en-
crypt the master sources received from corresponding
data providing apparatuses by using content key data,
produce content files storing the related encrypted con-
tent data, produce key files storing the encrypted con-
tent key data and encrypted usage control policy data
indicating the handling of the content data for the con-
tent data provided by corresponding data providing ap-
paratuses, and send the produced content files and the
produced key files to corresponding data providing ap-
paratuses, the data distribution apparatus distributes
the content files and key files obtained from the data-
base device to the data processing apparatus by using
a predetermined communication protocol but in a format
not depending upon the related communication protocol
or by recording the same on a storage medium, and the
data processing apparatus decrypts the content key da-
ta and the usage control policy data stored in the dis-
tributed key files and determines the handling of the con-
tent data stored in the distributed content files based on
the related decrypted usage control policy data.
[0269] Also, a data providing method of a 65th aspect
of the present invention is a data providing method using
a plurality of data providing apparatuses, a data distri-
bution apparatus, a plurality of management apparatus-
es, a database device, and a data processing appara-
tus, wherein the data providing apparatuses provide
master sources of content data to corresponding man-
agement apparatuses and store content files received
from the related management apparatuses in the data-
base, the management apparatuses encrypt the master
sources received from corresponding data providing ap-
paratuses by using content key data, produce content
files storing the related encrypted content data, send the
related produced content files to the data providing ap-
paratuses, produce key files storing the encrypted con-
tent key data and encrypted usage control policy data
indicating the handling of the content data for the con-
tent data provided by corresponding data providing ap-
paratuses, send the related produced key files to corre-
sponding data distribution apparatus, the data distribu-
tion apparatus distributes the content files obtained from
the database device and the key files provided from the
management apparatuses to the data processing appa-
ratus by using a predetermined communication protocol
but in a format not depending upon the related commu-
nication protocol or by recording the same on a storage
medium, and the data processing apparatus decrypts
the content key data and the usage control policy data
stored in the distributed key files and determines the
handling of the content data stored in the distributed
content files based on the related decrypted usage con-
trol policy data.

[0270] Also, a data providing method of a 66th aspect
of the present invention is a data providing method using
a plurality of data providing apparatuses, a data distri-
bution apparatus, a plurality of management apparatus-
es, a database device, and a data processing appara-
tus, wherein the data providing apparatuses provide
master sources of content data to corresponding man- 
agement apparatuses and store content files received 
from the related management apparatuses in the data- 
base, the management apparatuses encrypt the master 
sources received from corresponding data providing ap- 
paratuses by using content key data, produce content 
files storing the related encrypted content data, send the 
related produced content files to the data providing ap- 
paratuses, produce key files storing the encrypted con- 
tent key data and encrypted usage control policy data 
indicating the handling of the content data for the con- 
tent data provided by corresponding data providing ap- 
paratuses, and provide the related produced key files to 
the data processing apparatus, the data distribution ap- 
paratus distributes the content files obtained from the 
database device to the data processing apparatus by 
using a predetermined communication protocol but in a 
format not depending upon the related communication 
protocol or by recording the same on a storage medium, 
and the data processing apparatus decrypts the content 
key data and the usage control policy data stored in the 
provided key files and determines the handling of the 
content data stored in the distributed content files based 
on the related decrypted usage control policy data. 
[0271] Also, a data providing method of a 67th aspect
of the present invention is a data providing method using 
a data providing apparatus, a data distribution appara- 
tus, and a data processing apparatus, wherein the data 
providing apparatus provides a first module storing con- 
tent data encrypted by using content key data, the en- 
crypted content key data, and encrypted usage control 
policy data indicating the handling of the content data to 
the data distribution apparatus, performs charge 
processing in units of the content data based on log data 
received from the data processing apparatus, performs 
profit distribution processing for distributing the profit 
paid by interested parties of the data processing appa- 
ratus to interested parties of the related data providing 
apparatus and interested parties of the data distribution 
apparatus, the data distribution apparatus distributes a 
second module storing the encrypted content data, con- 
tent key data and usage control policy data stored in the 
provided first module to the data processing apparatus 
by using a predetermined communication protocol but 
in a format not depending upon the related communica- 
tion protocol or by recording the same on a storage me- 
dium, and the data processing apparatus decrypts the 
content key data and the usage control policy data 
stored in the distributed module, determines the han- 
dling of the content data based on the related decrypted 
usage control policy data, produces the log data for the 
handling of the related content data and sends the re- 
lated log data to the data providing apparatus. 
[0272] Also, a data providing method of a 68th aspect 
of the present invention is a data providing method using 
a data providing apparatus, a data distribution appara-
tus, a data processing apparatus, and a management
apparatus, wherein the data providing apparatus pro-
vides content data, the data distribution apparatus dis-
tributes the content file provided from the data providing
apparatus or a content file in accordance with the con-
tent data provided by the data providing apparatus re-
ceived from the management apparatus to the data
processing apparatus, and the data processing appara- 
tus decrypts the usage control policy data stored in the 
key file received from the data distribution apparatus or 
the management apparatus, determines the handling of 
the content data stored in the content file received from 
the data distribution apparatus or the management ap- 
paratus based on the related decrypted usage control 
policy data, and further distributes the content file and 
key file received from the data distribution apparatus or 
the management apparatus to the other data processing 
apparatus. 

[0273] Also, a data providing system of a 71st aspect
of the present invention is a data providing system for 
distributing content data from a data providing appara- 
tus to a data processing apparatus, wherein the data 
providing apparatus distributes a module storing con- 
tent data encrypted by using content key data, the en- 
crypted content key data, and encrypted usage control 
policy data indicating the handling of the content data in 
a format not depending upon at least one among exist- 
ence of a compression of the content data, a compres- 
sion method, a method of the encryption, and parame- 
ters of a signal giving the content data to the data 
processing apparatus by using a predetermined com- 
munication protocol but in a format not depending upon 
the related communication protocol or by recording the 
same on a storage medium, and the data processing 
apparatus decrypts the content key data and the usage 
control policy data stored in the distributed module and 
determines the handling of the content data based on 
the related decrypted usage control policy data. 
[0274] Also, a data providing system of a 72nd aspect 
of the present invention is a data providing system hav- 
ing a data providing apparatus, a data distribution ap- 
paratus, and a data processing apparatus, wherein the 
data providing apparatus distributes a first module stor- 
ing content data encrypted by using content key data, 
the encrypted content key data, and encrypted usage 
control policy data indicating the handling of the content 
data in a format not depending upon at least one among 
existence of compression of the content data, a com- 
pression method, a method of the encryption, and pa- 
rameters of a signal giving the content data to the data 
distribution apparatus, the data distribution apparatus 
distributes a second module storing the encrypted con- 
tent data, content key data, and the usage control policy 
data stored in the provided first module to the data 
processing apparatus by using a predetermined com- 
munication protocol but in a format not depending upon 
the related communication protocol or by recording the 
same on a storage medium, and the data processing 
apparatus decrypts the content key data and the usage
control policy data stored in the distributed second mod- 
ule and determines the handling of the content data 
based on the related decrypted usage control policy da- 
ta. 

[0275] Also, a data providing system of a 73rd aspect 
of the present invention is a data providing system hav- 
ing a data providing apparatus, a data distribution ap- 
paratus, and a data processing apparatus, wherein the 
data providing apparatus distributes a first module stor- 
ing content data encrypted by using content key data, 
the encrypted content key data, and encrypted usage 
control policy data indicating the handling of the content 
data to the data distribution apparatus, the data distri- 
bution apparatus encrypts a plurality of second modules 
storing the encrypted content data, content key data, 
and the usage control policy data stored in the provided 
first module by using a common key obtained by mutual 
certification with the data processing apparatus, and 
then distributes the same to the data processing appa- 
ratus by using a predetermined communication protocol 
but in a format not depending upon the related commu- 
nication protocol, and the data processing apparatus 
has a first processing circuit for decrypting the distribut- 
ed plurality of second modules by using the common 
key, selecting a single or a plurality of second modules 
from among the related decrypted plurality of second 
modules, and performing charge processing with re- 
spect to a distribution service of the second modules 
and a tamper resistant second processing circuit receiv-
ing the selected second modules, decrypting the
content key data and the usage control policy data 
stored in the related second modules, and determining 
the handling of the content data based on the related 
decrypted usage control policy data. 

BRIEF DESCRIPTION OF THE DRAWINGS 

[0276] 

Fig. 1 is a view of the overall configuration of an 
EMD system of a first embodiment of the present 
invention, 

Fig. 2 is a view for explaining a concept of a secure 
container of the present invention, 
Fig. 3 is a functional block diagram of a content pro- 
vider shown in Fig. 1 and a view of a flow of data 
related to data transmitted and received with a SAM 
of a user home network, 

Fig. 4 is a functional block diagram of the content 
provider shown in Fig. 1 and a view of the flow of 
data related to the data transmitted and received 
between the content provider and an EMD service 
center, 

Figs. 5A to 5C are views for explaining a format of 
the secure container transmitted from the content 
provider shown in Fig. 1 to the SAM, 
Fig. 6 is a view for explaining data contained in a 
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content file shown in Fig. 5 in detail, 

Fig. 7 is a view for explaining data contained in a key file shown in Fig. 5 in detail,

Fig. 8 is a view for explaining header data stored in the content file,

Fig. 9 is a view for explaining a content ID,

Fig. 10 is a view for explaining a directory structure of the secure container,

Fig. 11 is a view for explaining a hyper link structure of the secure container,

Fig. 12 is a view for explaining a first example of ROM type storage medium used in the present embodiment,

Fig. 13 is a view for explaining a second example of the ROM type storage medium used in the present embodiment,

Fig. 14 is a view for explaining a third example of the ROM type storage medium used in the present embodiment,

Fig. 15 is a view for explaining a first example of RAM type storage medium used in the present embodiment,

Fig. 16 is a view for explaining a second example of the RAM type storage medium used in the present embodiment,

Fig. 17 is a view for explaining a third example of the RAM type storage medium used in the present embodiment,

Fig. 18 is a view for explaining a registration request use module transmitted from the content provider to the EMD service center,

Fig. 19 is a flowchart showing a routine of processing for registration from the content provider to the EMD service center,

Fig. 20 is a flowchart showing a routine of processing for preparation of an explanation in the content provider,

Fig. 21 is a flowchart showing a routine of processing for preparation of an explanation in the content provider,

Fig. 22 is a flowchart showing a routine of processing for preparation of an explanation in the content provider,

Fig. 23 is a functional block diagram of the EMD service center shown in Fig. 1 and a view of the flow of the data related to the data transmitted and received with the content provider,

Fig. 24 is a functional block diagram of the EMD service center shown in Fig. 1 and a view of the flow of the data related to the data transmitted and received between the SAM and a settlement manager shown in Fig. 1,

Fig. 25 is a view of the configuration of network apparatuses in the user home network shown in Fig. 1,

Fig. 26 is a functional block diagram of a SAM in the user home network shown in Fig. 1 and a view of the flow of the data until the secure container received from the content provider is decrypted,
Fig. 27 is a view for explaining data stored in an external memory shown in Fig. 25,

Fig. 28 is a view for explaining data stored in a stack memory,

Fig. 29 is another view of the configuration of the network apparatus in the user home network shown in Fig. 1,

Fig. 30 is a view for explaining data stored in a storage unit shown in Fig. 26,

Fig. 31 is a functional block diagram of the SAM in the user home network shown in Fig. 1 and a view of the flow of the data related to processing for using and/or purchasing the content data,

Fig. 32 is a view for explaining the flow of processing in a transferring side SAM in a case where the content file which is downloaded on a download memory of the network apparatus shown in Fig. 25 and with a purchase form already determined therefor is transferred to the SAM of an AV apparatus,

Fig. 33 is a view of the flow of the data in the transferring side SAM in the case shown in Fig. 32,

Figs. 34A to 34D are views for explaining the format of the secure container for which the purchase form is determined,

Fig. 35 is a view of the flow of the data when writing the input content file etc. in a RAM type or ROM type storage medium in the transferring side SAM in the case shown in Fig. 32,

Fig. 36 is a view for explaining the flow of processing when determining the purchase form in an AV apparatus in a case where the user home network receives the ROM type storage medium shown in Fig. 7 for which the purchase form of the content has not been determined off-line,

Fig. 37 is a view of the flow of the data in the SAM in the case shown in Fig. 36,

Fig. 38 is a view for explaining the flow of processing when reading the secure container from the ROM type storage medium with the purchase form not yet determined in the AV apparatus in the user home network, transferring this to another AV apparatus, and writing the same in a RAM type storage medium,

Fig. 39 is a view of the flow of the data in the transferring side SAM in the case shown in Fig. 38,

Figs. 40A to 40C are views for explaining the format of the secure container transferred from the transferring side SAM to a transferred side SAM in Fig. 38,

Fig. 41 is a view of the flow of data in the transferred side SAM in the case shown in Fig. 38,

Figs. 42A to 42F are views for explaining the format of the data transmitted and received among the content provider shown in Fig. 1, EMD service center, and SAM by an in-band method and an out-of-band method,

Figs. 43G to 43J are views for explaining the format of the data transmitted and received among the content provider shown in Fig. 1, EMD service center, and SAM by the in-band method and the out-of-band method,

Fig. 44 is a view for explaining an example of a connection configuration of apparatuses to buses in the user home network,

Fig. 45 is a view for explaining the data format of a SAM registration list produced by a SAM,

Fig. 46 is a view for explaining the data format of the SAM registration list produced by the EMD service center,

Fig. 47 is a flowchart of the overall operation of the content provider shown in Fig. 1,

Fig. 48 is a view for explaining an example of a delivery protocol of the secure container used in the EMD system of a first embodiment,

Fig. 49 is a view for explaining a second modification of the first embodiment of the present invention,

Fig. 50 is a view for explaining a third modification of the first embodiment of the present invention,

Fig. 51 is a view for explaining a case where a first procedure is employed in a fourth modification of the first embodiment of the present invention,

Fig. 52 is a view for explaining a case where a second procedure is employed in a fourth modification of the first embodiment of the present invention,

Fig. 53 is a view for explaining a fifth modification of the first embodiment of the present invention,

Fig. 54 is a view for explaining a first pattern of a sixth modification of the first embodiment of the present invention,

Fig. 55 is a view for explaining a second pattern of a sixth modification of the first embodiment of the present invention,

Fig. 56 is a view for explaining a third pattern of a sixth modification of the first embodiment of the present invention,

Fig. 57 is a view for explaining a fourth pattern of a sixth modification of the first embodiment of the present invention,

Fig. 58 is a view for explaining a fifth pattern of a sixth modification of the first embodiment of the present invention,

Fig. 59 is an overall view of the configuration of the EMD system of a second embodiment of the present invention,

Fig. 60 is a functional block diagram of the content provider shown in Fig. 59 and a view of the flow of the data related to the secure container transmitted to a service provider,

Fig. 61 is a flowchart showing a routine of processing for delivery of the secure container performed in the content provider,

Fig. 62 is a flowchart showing a routine of the processing for delivery of the secure container performed in the content provider,

Fig. 63 is a functional block diagram of the service provider shown in Fig. 59 and a view of the flow of the data transmitted and received with the user home network,

Fig. 64 is a flowchart showing a routine of the processing for preparation of the secure container performed in the service provider,

Figs. 65A to 65D are views for explaining the format of the secure container transmitted from the service provider shown in Fig. 59 to the user home network,

Fig. 66 is a view for explaining a transmission format of the content file stored in the secure container shown in Fig. 65,

Fig. 67 is a view for explaining the transmission format of the key file stored in the secure container shown in Fig. 65,

Fig. 68 is a functional block diagram of the service provider shown in Fig. 59 and a view of the flow of the data transmitted and received with the EMD service center,

Fig. 69 is a view for explaining the format of a price tag registration request use module transmitted from the service provider to the EMD service center,

Fig. 70 is a functional block diagram of the EMD service center shown in Fig. 59 and a view of the flow of the data related to the data transmitted and received with the service provider,

Fig. 71 is a functional block diagram of the EMD service center shown in Fig. 59 and a view of the flow of the data related to the data transmitted and received with the content provider,

Fig. 72 is a functional block diagram of the EMD service center shown in Fig. 59 and a view of the flow of the data related to the data transmitted and received with the SAM,

Fig. 73 is a view for explaining contents of usage log data,

Fig. 74 is a view of the configuration of the network apparatus shown in Fig. 59,

Fig. 75 is a functional block diagram of a CA module shown in Fig. 74,

Fig. 76 is a functional block diagram of the SAM shown in Fig. 74 and a view of the flow of the data from the input of the secure container to decryption,

Fig. 77 is a view for explaining the data stored in the storage unit shown in Fig. 76,

Fig. 78 is a functional block diagram of the SAM shown in Fig. 74 and a view of the flow of the data in a case where a purchase and/or usage form of the content etc. are determined,

Fig. 79 is a flowchart showing a routine of processing for determining the purchase form of the secure container in the SAM,

Fig. 80 is a view for explaining the format of the key file after the purchase form is determined,

Figs. 81A to 81E are views for explaining the flow of the processing in the transferred side SAM in a case where the content file downloaded on the download memory of the network apparatus shown in Fig. 74 and with the purchase form already determined therefor is transferred to the SAM of the AV apparatus,

Fig. 82 is a view of the flow of the data in the transferring side SAM in the case shown in Fig. 81,

Fig. 83 is a view of the flow of the data in the transferred side SAM in the case shown in Fig. 81,

Fig. 84 is a flowchart of the overall operation of the EMD system shown in Fig. 59,

Fig. 85 is a flowchart of the overall operation of the EMD system shown in Fig. 59,

Fig. 86 is a view for explaining an example of the delivery format of the secure container from the service provider to the user home network in the EMD system of the second embodiment,

Fig. 87 is a view for explaining an example of the delivery protocol of the secure container employed by the EMD system of the second embodiment,

Fig. 88 is a view for explaining the delivery protocol used when delivering the secure container etc. from the user home network to a service provider 310 in Fig. 87,

Fig. 89 is a view for explaining the delivery protocol used when delivering the key file etc. from the content provider to the EMD service center in Fig. 87,

Fig. 90 is a view for explaining the delivery protocol used when delivering a price tag data 312 etc. from the service provider to the EMD service center in Fig. 87,

Fig. 91 is a view for explaining the delivery protocol used when delivering the secure container etc. in the user home network in Fig. 87,

Fig. 92 is a view for explaining an implement format of the secure container to a protocol layer in a case where XML/SMIL/BML is utilized for a data broadcast method of a digital broadcast,

Fig. 93 is a view for explaining the implement format of the secure container to the protocol layer in a case where MHEG is utilized for the data broadcast method of the digital broadcast,

Fig. 94 is a view for explaining the implement format of the secure container to the protocol layer in a case where XML/SMIL is utilized for the data broadcast method of an interface,

Fig. 95 is a view for explaining the delivery protocol used when delivering the usage log data etc. from the user home network to the EMD service center,

Fig. 96 is a view for explaining the delivery protocol used when delivering the secure container etc. in the user home network,

Fig. 97 is a view of the configuration of the EMD system using two service providers according to a first modification of the second embodiment of the present invention,

Fig. 98 is a view of the configuration of the EMD system using a plurality of content providers according to a second modification of the second embodiment of the present invention,

Fig. 99 is a view of the configuration of the EMD system according to a third modification of the second embodiment of the present invention,
Fig. 100 is a view of the configuration of the EMD system according to a fourth modification of the second embodiment of the present invention,

Fig. 101 is a view for explaining a form of a route for acquiring certificate data,

Fig. 102 is a view for explaining processing in a case where the certificate data of the content provider is invalidated,

Fig. 103 is a view for explaining processing in a case where the certificate data of the service provider is invalidated,

Fig. 104 is a view for explaining processing in a case where the certificate data of the SAM is invalidated,

Fig. 105 is a view for explaining another processing in the case where the certificate data of the SAM is invalidated,

Fig. 106 is a view for explaining a case where a right management use clearinghouse and an electronic settlement use clearinghouse are provided in the EMD system shown in Fig. 47 in place of the EMD service center,

Fig. 107 is a view of the configuration of the EMD system in a case where the right management use clearinghouse and the electronic settlement use clearinghouse shown in Fig. 106 are provided in a single EMD service center,

Fig. 108 is a view of the configuration of the EMD system in a case where the service provider directly performs settlement at the electronic settlement use clearinghouse,

Fig. 109 is a view of the configuration of the EMD system in a case where the content provider directly performs settlement at the electronic settlement use clearinghouse,

Fig. 110 is a view of the configuration of the EMD system in a case where the content provider is further provided with functions of both of the right management use clearinghouse and the electronic settlement use clearinghouse,

Fig. 111 is a view for explaining the format of the secure container provided from the content provider to the service provider shown in Fig. 47 in an eighth modification of the second embodiment of the present invention,

Fig. 112 is a view for explaining a link relationship by directory structure data between the content file and the key file shown in Fig. 111,

Fig. 113 is a view for explaining another example of the directory structure between the content file and the key file,

Fig. 114 is a view for explaining the format of the secure container provided from the service provider to the SAM shown in Fig. 47 in the eighth modification of the second embodiment of the present invention,

Fig. 115 is a view for explaining a first concept of the data format of a composite type secure container,

Fig. 116 is a view for explaining a second concept of the data format of the composite type secure container,

Fig. 117 is a view for explaining a case where a first procedure is employed in the EMD system according to the eighth modification of the second embodiment of the present invention,

Fig. 118 is a view for explaining a case where a second procedure is employed in the EMD system according to the eighth modification of the second embodiment of the present invention,

Fig. 119 is a view for explaining a data format in a case where the file format is not employed in the EMD system according to the eighth modification of the second embodiment of the present invention,

Fig. 120 is a view of the configuration of the EMD system according to a 10th modification of the second embodiment of the present invention,

Fig. 121 is a view of the configuration of the EMD system according to a first pattern of an 11th modification of the second embodiment of the present invention,

Fig. 122 is a view of the configuration of the EMD system according to a second pattern of the 11th modification of the second embodiment of the present invention,

Fig. 123 is a view of the configuration of the EMD system according to a third pattern of the 11th modification of the second embodiment of the present invention,

Fig. 124 is a view of the configuration of the EMD system according to a fourth pattern of the 11th modification of the second embodiment of the present invention,

Fig. 125 is a view of the configuration of the EMD system according to a fifth pattern of the 11th modification of the second embodiment of the present invention,

Fig. 126 is a view of the configuration of the EMD system according to a ninth modification of the second embodiment of the present invention,

Fig. 127 is a view for explaining a file inclusion size relationship of the secure container in the second embodiment of the present invention,

Fig. 128 is a view for explaining the EMD system of a third embodiment of the present invention,

Fig. 129 is a functional block diagram of the EMD service center shown in Fig. 128,

Fig. 130 is a view for explaining a modification of the EMD system of the third embodiment of the present invention,

Fig. 131 is a view for explaining the EMD system of a fourth embodiment of the present invention,

Fig. 132 is a view for explaining a modification of the EMD system of the fourth embodiment of the present invention,
Fig. 133 is a view for explaining the EMD system of a fifth embodiment of the present invention,

Fig. 134 is a view for explaining a modification of the EMD system of the fifth embodiment of the present invention,

Fig. 135 is a view for explaining another modification of the EMD system of the fifth embodiment of the present invention,

Fig. 136 is a view for explaining the EMD system of a sixth embodiment of the present invention,

Fig. 137 is a view for explaining a modification of the EMD system of the sixth embodiment of the present invention,

Fig. 138 is a view for explaining another modification of the EMD system of the sixth embodiment of the present invention,

Fig. 139 is a view for explaining the EMD system of a seventh embodiment of the present invention,

Fig. 140 is a view for explaining a modification of the EMD system of the seventh embodiment of the present invention,

Fig. 141 is a view for explaining another modification of the EMD system of the seventh embodiment of the present invention,

Fig. 142 is a view for explaining the EMD system of an eighth embodiment of the present invention,

Fig. 143 is a view for explaining the EMD system of a ninth embodiment of the present invention,

Fig. 144 is a view for explaining the format of the key file in a case where the key file is produced in the content provider, and

Fig. 145 is a view of the configuration of a conventional EMD system.

BEST MODE FOR WORKING THE INVENTION 

[0277] Below, an explanation will be given of an EMD 
(electronic music distribution) system according to the 
present embodiment. 

First embodiment 

[0278] Figure 1 is a view of the configuration of an 
EMD system 100 of the present embodiment. 
[0279] In the present embodiment, the content data distributed to the user means digital data with the information per se having value and includes image data, audio data, programs (software), etc., but an explanation will be given below by taking as an example music data.

[0280] As shown in Fig. 1, the EMD system 100 has a content provider 101, an EMD service center (clearinghouse, hereinafter, also described as an "ESC") 102, and a user home network 103.

[0281] Here, the content provider 101, EMD service center 102, and SAMs 105_1 to 105_4 correspond to the data providing apparatus, management device, and the data processing apparatuses according to claim 1, claim 6, claim 104, and claim 109.

[0282] First, a brief explanation will be given of the 
EMD system 100. 

[0283] In the EMD system 100, the content provider 101 sends the content key data Kc used when encrypting the content data C of the content to be provided by itself, usage control policy (UCR certificate of title) data 106 indicating the content of rights such as usage permission conditions of the content data C, and electronic watermark information management data indicating the content and buried location of the electronic watermark information to the EMD service center 102 serving as the reputable authority manager.

[0284] The EMD service center 102 registers (certifies or authorizes) the content key data Kc, usage control policy data 106, and the electronic watermark information key data received from the content provider 101.

[0285] Also, the EMD service center 102 produces a key file KF with the content key data Kc encrypted by the distribution use key data KD_1 to KD_6 of a corresponding period, the usage control policy data 106, and its own signature data stored therein and sends this to the content provider 101.

[0286] Here, the signature data is used for verifying existence of tampering with the key file KF, the legitimacy of the author of the key file KF, and the fact that the key file KF was normally registered in the EMD service center 102.

[0287] Also, the content provider 101 encrypts the content data C by the content key data Kc and distributes a secure container (module of the present invention) 104 storing the related produced content file CF, key file KF received from the EMD service center 102, its own signature data, etc. therein to the user home network 103 by using a network such as the Internet, digital broadcast, or package media such as storage media.

[0288] Here, the signature data stored in the secure container 104 is used for verifying the existence of tampering with the corresponding data and the legitimacy of the author and transmitter of the related data.

[0289] The user home network 103 has for example a network apparatus 160_1 and AV apparatuses 160_2 to 160_4.

[0290] The network apparatus 160_1 includes a built-in SAM (secure application module) 105_1.

[0291] The AV apparatuses 160_2 to 160_4 include built-in SAMs 105_1 to 105_4. The SAMs 105_1 to 105_4 are connected to each other via a bus 191, for example, an IEEE (Institute of Electrical and Electronics Engineers) 1394 serial interface bus.

[0292] The SAMs 105_1 to 105_4 decrypt the secure container 104 received by the network apparatus 160_1 via the network or the like from the content provider 101 on-line and/or the secure container 104 received at the AV apparatuses 160_2 to 160_4 from the content provider 101 via storage media off-line by using the distribution use key data KD_1 to KD_3 of the corresponding period, then perform the verification of the signature data.



[0293] The secure container 104 supplied to the SAMs 105_1 to 105_4 becomes the object of the reproduction, recording to a storage medium etc. after the purchase and/or usage form is determined by an operation of the users in the network apparatus 160_1 and the AV apparatuses 160_2 to 160_4.

[0294] The SAMs 105_1 to 105_4 record the log of the purchase and/or usage form of the secure container 104 as usage log data 108 and, at the same time, produce usage control status data 166 indicating the purchase form.

[0295] The usage log data 108 is transmitted from the user home network 103 to the EMD service center 102 in response to for example a request from the EMD service center 102.

[0296] The usage control status data 166 is transmitted from the user home network 103 to the EMD service center 102 whenever for example the purchase form is determined.

[0297] The EMD service center 102 determines (calculates) a charge content based on the usage log data 108 and performs settlement at a settlement manager 91 such as a bank via a payment gateway 90. By this, the money paid to the settlement manager 91 by the user of the user home network 103 is paid to the content provider 101 by the settlement processing by the EMD service center 102.

[0298] Also, the EMD service center 102 transmits the settlement report data 107 to the content provider 101 at every predetermined period.

[0299] In the present embodiment, the EMD service center 102 has a certificate authority function, a key data management function, and a right clearing (profit distribution) function.

[0300] Namely, the EMD service center 102 functions as a second certificate authority with respect to a route certificate authority 92 as the highest authority manager located at a neutral position (located in the lower layer of the route certificate authority 92) and certifies the legitimacy of the related public key data by attaching a signature by secret key data of the EMD service center 102 to the certificate data of the public key data used for the verification processing of the signature data in the content provider 101 and SAMs 105_1 to 105_4. Also, as mentioned above, the registration and authorization of the usage control policy data 106 of the content provider 101 by the EMD service center 102 is one of the certificate authority functions of the EMD service center 102.

[0301] Also, the EMD service center 102 has a key data management function for managing the key data, for example, the distribution use key data KD_1 to KD_6.

[0302] Also, the EMD service center 102 has a right clearing (profit distribution) function of performing settlement for a purchase and/or usage of the content by the user based on the suggested retailer's price SRP described in the authorized usage control policy data 106 and the usage log data 108 input from the SAMs 105_1 to 105_4 and distributing money paid by the user to the content provider 101.

[0303] Figure 2 is a view summarizing the concept of 
the secure container 104. 

[0304] As shown in Fig. 2, in the secure container 104, the content file CF produced by the content provider 101 and the key file KF produced by the EMD service center 102 are stored.

[0305] In the content file CF, header data containing the header portion and the content ID, the encrypted content data C using the content key data Kc, and the signature data using a secret key data K_CP,S of the content provider 101 for them are stored.

[0306] In the key file KF, the header data containing the header portion and the content ID, the content key data Kc, and the usage control policy data 106 encrypted by the distribution use key data KD_1 to KD_6 and the signature data by secret key data K_ESC,S of the EMD service center 102 for them are stored.
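
The container layout of paragraphs [0304] to [0306] and the SAM-side handling of [0292] can be sketched as follows. This is an added example, not code from the patent: the JSON layout, field names, keys and sample data are constructed, textbook RSA over fixed Mersenne primes stands in for the signature scheme and a SHA-256 counter keystream for the cipher (neither is specified in this section, and neither is secure). As a choice of the example, the SAM checks both signatures before it decrypts anything.

```python
import hashlib
import json
import os

E = 65537  # public exponent shared by both toy key pairs


def toy_keypair(p, q):
    """Textbook RSA key from two fixed Mersenne primes. Toy stand-in, NOT secure."""
    return {"n": p * q, "d": pow(E, -1, (p - 1) * (q - 1))}


def _digest(data, n):
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n


def sign(priv, data):
    return pow(_digest(data, priv["n"]), priv["d"], priv["n"])


def verify(n, data, sig):
    return pow(sig, E, n) == _digest(data, n)


def stream_xor(key, nonce, data):
    """XOR with a SHA-256 counter keystream (stand-in for the unspecified cipher)."""
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hashlib.sha256(key + nonce + off.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[off:off + 32], pad))
    return bytes(out)


def canon(obj):
    """Canonical byte form of a file body, so signer and verifier hash the same bytes."""
    return json.dumps(obj, sort_keys=True).encode()


ESC_KEY = toy_keypair(2**127 - 1, 2**89 - 1)  # plays the role of K_ESC,S
CP_KEY = toy_keypair(2**107 - 1, 2**61 - 1)   # plays the role of K_CP,S


def esc_make_key_file(content_id, kc, ucp, period, kd):
    """EMD service center: encrypt Kc and the usage control policy under KD, then sign."""
    nonce = os.urandom(8)
    secret = canon({"kc": kc.hex(), "ucp": ucp})
    body = {"content_id": content_id, "period": period, "nonce": nonce.hex(),
            "enc": stream_xor(kd, nonce, secret).hex()}
    return {"body": body, "sig": sign(ESC_KEY, canon(body))}


def cp_make_content_file(content_id, kc, content):
    """Content provider: encrypt the content under Kc, then sign header and ciphertext."""
    nonce = os.urandom(8)
    body = {"content_id": content_id, "nonce": nonce.hex(),
            "enc": stream_xor(kc, nonce, content).hex()}
    return {"body": body, "sig": sign(CP_KEY, canon(body))}


def sam_open(container, held_kd):
    """SAM: verify both files, unwrap Kc with the period's KD, return (policy, content)."""
    kf, cf = container["KF"], container["CF"]
    if not verify(ESC_KEY["n"], canon(kf["body"]), kf["sig"]):
        raise ValueError("key file signature invalid")
    if not verify(CP_KEY["n"], canon(cf["body"]), cf["sig"]):
        raise ValueError("content file signature invalid")
    if kf["body"]["content_id"] != cf["body"]["content_id"]:
        raise ValueError("content ID mismatch between CF and KF")
    kd = held_kd.get(kf["body"]["period"])
    if kd is None:
        raise ValueError("no distribution key held for this period")
    secret = json.loads(stream_xor(kd, bytes.fromhex(kf["body"]["nonce"]),
                                   bytes.fromhex(kf["body"]["enc"])))
    content = stream_xor(bytes.fromhex(secret["kc"]),
                         bytes.fromhex(cf["body"]["nonce"]),
                         bytes.fromhex(cf["body"]["enc"]))
    return secret["ucp"], content


def open_status(container, held_kd):
    """Return "ok" or the reason the SAM refused the container."""
    try:
        sam_open(container, held_kd)
        return "ok"
    except ValueError as exc:
        return str(exc)


def demo():
    """Constructed sample: ESC manages KD_1..KD_6, the SAM holds only KD_1..KD_3."""
    kd = {p: hashlib.sha256(b"constructed KD %d" % p).digest() for p in range(1, 7)}
    kc = hashlib.sha256(b"constructed Kc").digest()
    ucp = {"srp": 300, "copy_permitted": False}  # constructed policy fields
    container = {"KF": esc_make_key_file("CID-0001", kc, ucp, 2, kd[2]),
                 "CF": cp_make_content_file("CID-0001", kc, b"constructed music data")}
    return container, {p: kd[p] for p in (1, 2, 3)}, kd, kc


if __name__ == "__main__":
    box, sam_keys, _, _ = demo()
    print(sam_open(box, sam_keys))
```

Because the keystream cipher is malleable, a flipped ciphertext bit in the key file would silently alter the decrypted policy; the signature over the encrypted body is what makes the SAM reject it.
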
[0307] Below, a detailed explanation will be given of the components of the content provider 101.

[Content Provider 101] 

[0308] Figure 3 is a functional block diagram of the content provider 101 and shows the flow of the data related to the data transmitted and received with the SAMs 105_1 to 105_4 of the user home network 103.

[0309] Also, in Fig. 4, the flow of the data related to the data transmitted and received between the content provider 101 and the EMD service center 102 is shown.

[0310] Note that, in Fig. 4 and the following drawings, the flow of the data input and output to and from the signature data processing unit and the encryption and/or decryption unit using session key data K_SES is omitted.

[0311] As shown in Fig. 3 and Fig. 4, the content provider 101 has a content master source database 111, an electronic watermark information addition unit 112, a compression unit 113, an encryption unit 114, a random number generation unit 115, an expansion unit 116, a signature processing unit 117, a secure container preparation unit 118, a secure container database 118a, a key file database 118b, a storage unit (database) 119, a mutual certification unit 120, an encryption and/or decryption unit 121, a usage control policy data preparation unit 122, an audial check unit 123, a SAM management unit 124, an EMD service center management unit 125, and a content ID generation unit 850.

[0312] The content provider 101 registers for example its own generated public key data, ID, and its own bank account number (account number for settlement) in the EMD service center 102 off-line before communicating with the EMD service center 102 and acquires its own identifier (identification number) CP_ID. Also, the content provider 101 receives the public key data of the EMD service center 102 and the public key data of the route certificate authority 92 from the EMD service center 102.

[0313] Below, an explanation will be given of the functional blocks of the content provider 101 shown in Fig. 3 and Fig. 4.

5 [0314] The content master source database 111 
stores the content data as the master source of the con- 
tent to be provided to the user home network 103 and 
outputs content data S111 to be provided to the elec- 
tronic watermark information addition unit 112. 

10 [0315] The electronic watermark information addition 
unit 112 buries a source watermark Ws, a copy control 
watermark Wc : a user watermark Wu, a link watermark 
WL, etc. in the content data S111 to produce content 
data S1 1 2 and outputs the content data S1 1 2 to the com- 

15 pression unit 113. 

[0316] The source watermark Ws is information con- 
cerning the copyright such as the name of the copyright 
owner of the content data, the ISRC code, authoring 
date, authoring apparatus ID (identification data), and 

20 destination of distribution of the content. 

[0317] The copy control watermark Wc is information 
containing a copy prohibition bit for prevention of copy- 
ing via an analog interface. 

[0318] The user watermark Wu contains, for example, 

25 the identifier CP_ID of the content provider 101 for spec- 
ifying the origin of distribution and the destination of dis- 
tribution of the secure container 104 and identifiers 
SAM_ID 1 to SAMJD 4 of the SAMs 105! to 105 4 of the 
user home network 103. 

30 [0319] The link watermark WL contains for example 
the content ID of the content data C. 
[0320] By burying the link watermark WL in the con- 
tent data C, even in a case where the content data C is 
distributed by an analog broadcast for example a tele- 

35 vision or AM/FM radio, the EMD service center 1 02 can 
introduce a content provider 101 handling the related 
content data C to the user in response to a request from 
the user. Namely, by detecting the link watermark WL 
buried in the content data C utilizing an electronic wa- 

40 termark information decoder at the receiving location of 
the related content data C and transmitting the content 
ID contained in the related detected link watermark WL 
to the EMD service center 102, the EMD service center 
1 02 can introduce the content provider 1 01 etc. handling 

45 the related content data C to the related user. 

[0321] Concretely, for example, if the user pushes a predetermined button at a point of time when he thinks that the music being broadcast is good while listening to the radio in a car, the electronic watermark information decoder built into the related radio detects the content ID contained in the link watermark WL buried in the related content data C, a communication address, etc. of the EMD service center 102 registering the related content data C etc., and stores the related detected data in a media SAM carried in for example a memory stick or other semiconductor memory or an MD (Mini Disc) or other optical disc or other portable medium. Then, he sets the related movable media in the network apparatus carrying a SAM connected to the network. Then, after mutual certification by the related SAM and the EMD service center 102, he transmits the personal information carried in the media SAM and the stored content ID etc. from the network apparatus to the EMD service center 102. Thereafter, the network apparatus receives an introduction list etc. of the content provider 101 etc. handling the related content data C from the EMD service center 102.

[0322] In addition, for example, when the EMD service center 102 receives the content ID etc. from the user, the information specifying the related user may be notified to the content provider 101 providing the content data C corresponding to the related content ID. In this case, the content provider 101 receiving the related communication transmits the related content data C to the network apparatus of the user if the related user is a contracting subscriber or may transmit promotional information concerning itself to the network apparatus of the user if the related user is not a contracting subscriber.

[0323] Note that, in the second embodiment mentioned later, an EMD service center 302 can introduce a service provider 310 handling the related content data C to the user based on the link watermark WL.

[0324] Also, in the present embodiment, preferably, the content and buried location of each electronic watermark information are defined as a watermark module WM, and the watermark module WM is registered and managed in the EMD service center 102. The watermark module WM is used when for example the network apparatus 160_1 and the AV apparatuses 160_2 to 160_4 in the user home network 103 verify the legitimacy of the electronic watermark information.

[0325] For example, in the user home network 103, by deciding that the electronic watermark information is legitimate where both of the buried location of the electronic watermark information and the content of the buried electronic watermark information match based on the user watermark module managed by the EMD service center 102, the burial of false electronic watermark information can be detected with a high probability.

[0326] The compression unit 113 compresses the content data S112 by an acoustic compression method, for example ATRAC3 (Adaptive Transform Acoustic Coding 3) (trademark), and outputs compressed content data S113 to the encryption unit 114.
[0327] In this case, at the time of compression by the compression unit 113, it is also possible to bury the electronic watermark information in the content data again. Concretely, as shown in Fig. 3, when the content data S113 is expanded at the expansion unit 116 to produce content data S116 and the content data S116 is reproduced at the audial check unit 123, the influence exerted upon the quality of sound by the burial of the electronic watermark information is decided by for example a person actually listening to it. Where it does not satisfy a predetermined standard, the electronic watermark information addition unit 112 is instructed to perform the processing for burying the electronic watermark information again.

[0328] By this, when employing an acoustic compression method accompanied by for example loss of data, it is possible to adequately cope with the case where the buried electronic watermark information is lost due to the related compression. Further, it is also possible to expand the compressed content data again and confirm whether or not the buried electronic watermark information can be correctly detected. In this case, the feeling of the sound quality is also verified. Where there is a problem in the sound, the burial of the electronic watermark information is adjusted. For example, where the electronic watermark information is buried by using a masking effect, the layer for burying the electronic watermark information is adjusted.

[0329] The encryption unit 114 uses the content key data Kc as the common key, encrypts the content data S113 by a common key encryption method such as DES (Data Encryption Standard) or Triple DES to produce the content data C, and outputs this to the secure container preparation unit 118.

[0330] Also, the encryption unit 114 encrypts an A/V expansion use software Soft, a meta data Meta, and the watermark module WM by using the content key data Kc as the common key and then outputs them to the secure container preparation unit 117.
[0331] DES is the encryption method for processing 64 bits of plain text as one block by using a common key of 56 bits. The processing of DES is comprised of a portion for scrambling the plain text to convert the same to encrypted text (data scrambling portion) and a portion for creating the key (magnification key) data used in the data scrambling portion from the common key data (key processing portion). All algorithms of the DES are public, therefore, here, the basic processing of the data scrambling portion will be simply explained.

[0332] First, 64 bits of the plain text are divided to H_0 of the upper significant 32 bits and L_0 of the lower significant 32 bits. By receiving as input the magnification key data K_1 of 48 bits supplied from the key processing unit and the L_0 of the lower significant 32 bits, the output of the F function, which scrambles the L_0 of the lower significant 32 bits, is calculated. The F function is comprised of two types of basic transforms of "substitution" of switching numerical values by a predetermined rule and "transposition" of switching bit locations by a predetermined rule. Next, an exclusive OR of the H_0 of the upper significant 32 bits and the output of the F function is calculated, and the result thereof is defined as L_1. Also, L_0 is made H_1.

[0333] Then, based on the H_0 of the upper significant 32 bits and the L_0 of the lower significant 32 bits, the above processing is repeated 16 times. The obtained H_16 of the upper significant 32 bits and L_16 of the lower significant 32 bits are output as the encrypted text. The decryption is realized by inversely following the sequence by using the common key data used for the encryption.
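
The round structure of [0332] and [0333], written out as an added example (not code from the patent) to show why decryption needs only the same round keys applied in reverse order, even though the F function itself is not invertible. This is not DES: the F function and the key processing portion are SHA-256-based stand-ins chosen for this sketch, and, like the description above, it omits the initial and final permutations of real DES.

```python
import hashlib

ROUNDS = 16
MASK32 = 0xFFFFFFFF


def round_keys(common_key):
    """Stand-in for the key processing portion: sixteen 48-bit round keys K_1..K_16.

    Real DES derives them by permuted choice and rotation; hashing is an
    assumption made here only so the example stays short.
    """
    keys = []
    for i in range(1, ROUNDS + 1):
        digest = hashlib.sha256(common_key + bytes([i])).digest()
        keys.append(int.from_bytes(digest[:6], "big"))  # 6 bytes = 48 bits
    return keys


def f_function(half, round_key):
    """Stand-in for the F function: 32-bit half + 48-bit key -> 32 bits.

    Real DES uses expansion, S-box substitution and a bit transposition.
    Nothing in the Feistel structure requires this function to be invertible.
    """
    data = half.to_bytes(4, "big") + round_key.to_bytes(6, "big")
    return int.from_bytes(hashlib.sha256(data).digest()[:4], "big")


def encrypt_block(block, keys):
    """Encrypt one 64-bit block: split into H_0 / L_0, then 16 rounds."""
    h = (block >> 32) & MASK32   # H_0: upper significant 32 bits
    l = block & MASK32           # L_0: lower significant 32 bits
    for k in keys:
        # L_i = H_{i-1} XOR F(L_{i-1}, K_i);  H_i = L_{i-1}
        h, l = l, h ^ f_function(l, k)
    return (h << 32) | l         # H_16 and L_16 form the encrypted text


def decrypt_block(block, keys):
    """Follow the sequence inversely: same keys, last round first."""
    h = (block >> 32) & MASK32
    l = block & MASK32
    for k in reversed(keys):
        # From H_i = L_{i-1} and L_i = H_{i-1} XOR F(L_{i-1}, K_i):
        #   L_{i-1} = H_i,  H_{i-1} = L_i XOR F(H_i, K_i)
        h, l = l ^ f_function(h, k), h
    return (h << 32) | l


def demo():
    """Round-trip a constructed 64-bit block under a constructed key."""
    keys = round_keys(b"constructed content key Kc")
    plain = 0x0123456789ABCDEF
    cipher = encrypt_block(plain, keys)
    return plain, cipher, decrypt_block(cipher, keys)


if __name__ == "__main__":
    p, c, r = demo()
    print(f"plain   {p:016x}\ncipher  {c:016x}\ndecrypt {r:016x}")
```
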

[0334] The random number generation unit 115 generates a random number of a predetermined number of bits and stores the related random number as the content key data Kc in the storage unit 119.

[0335] Note that, it is also possible if the content key data Kc is produced from the information concerning a song provided by the content data. The content key data Kc is updated for example every predetermined time.

[0336] Also, where a plurality of content providers 101 exist, it is also possible to use inherent content key data Kc from individual content providers 101 or it is also possible to use the content key data Kc common to all content providers 101.

[0337] In the key file database 118b, as shown in Fig. 4, the key file KF shown in Fig. 5B received from the EMD service center 102 via the EMD service center management unit 125 is stored. The key file KF exists for every content data C. As will be mentioned later, a link is designated with the corresponding content file CF by directory structure data DSD in the header of the content file CF.

[0338] In the key file KF, as shown in Fig. 5B and Fig. 7, the header, content key data Kc, usage control policy data 106 (usage permission condition), SAM program download containers SDC_1 to SDC_3, and signature data SIG_K1,ESC are stored.

[0339] Here, as the signature data using the secret key data K_ESC,S of the content provider 101, use can be also made of the signature data SIG_K1,ESC for all data stored in the key file KF as shown in Fig. 5B. Alternatively, signature data for the data from the header to the information concerning the key file, signature data for the content key data Kc and the usage control policy data 106, and signature data for the SAM program download container SDC can be separately provided too as shown in Fig. 7.

[0340] The content key data Kc and usage control policy data 106 and the SAM program download containers SDC_1 to SDC_3 are encrypted by using the distribution use key data KD_1 to KD_6 of the corresponding periods.

[0341] In the header data, as shown in Fig. 7, a synchronization signal, the content ID, the signature data by the secret key data K_ESC,S of the content provider 101 for the content ID, the directory structure data, hyper link data, the information concerning the key file KF, the signature data by the secret key data K_ESC,S of the content provider 101 for the directory structure data, etc. are contained.

[0342] Note that, as the information to be contained in the header data, various information can be considered and freely varied according to the situation. For example, it is also possible if the information as shown in Fig. 8 is contained in the header data.
[0343] Also, in the content ID, for example, the information as shown in Fig. 9 is contained. The content ID is produced in the EMD service center 102 or the content provider 101. Where it is produced in the EMD service center 102, the signature data by the secret key data K_ESC,S of the EMD service center 102 is added as shown in Fig. 9, while where it is produced at the content provider 101, the secret key data K_CP,S of the content provider 101 is added.

[0344] The content ID is produced by for example the content ID generation unit 850 as shown in Fig. 4 and stored in the storage unit 119. Note that, it is also possible if the content ID is produced by the EMD service center 102.

[0345] The directory structure data indicates correspondence among the content files CF in the secure container 104 and correspondence between the content files CF and the key files KF.

[0346] For example, where the content files CF_1 to CF_3 and the key files KF_1 to KF_3 corresponding to them are stored in the secure container 104, as shown in Fig. 10, the links among the content files CF_1 to CF_3 and the links between the content files CF_1 to CF_3 and the key files KF_1 to KF_3 are established by the directory structure data.

[0347] The hyper link data indicates a hierarchy structure among the key files KF and the correspondence between the content files CF and the key files KF covering all files inside and outside the secure container 104.

[0348] Concretely, as shown in Fig. 11, the address information of the linked site for every content file CF and key file KF and the certificate value (hash value) thereof are stored in the secure container 104. The links are verified by comparing the hash value of one's own address information obtained by using the hash function H(x) and the certificate value of the other party.
[0349] Also, in the usage control policy data 106, as shown in Fig. 7, the content ID, identifier CP_ID of the content provider 101, an expiration date of the usage control policy data 106, the communication address of the EMD service center 102, usage space examination information, wholesale price information, a handling plan, handling control information, handling control information of a commodity demo, the signature data for them, etc. are contained.

[0350] Note that, as in the second embodiment mentioned later, where a secure container 304 is transmitted via the service provider 310 to a user home network 303, in the usage control policy data 106, an identifier SP_ID of the service provider 310 for providing the secure container 104 by the content provider 301 is contained.

[0351] Also, in the SAM program download containers SDC_1 to SDC_3, as shown in Fig. 7, a download driver indicating the routine of the download used when downloading a program in the SAMs 105_1 to 105_4, a label reader such as an UCP-L (Label) R (Reader) indicating a syntax (grammar) of the usage control policy data (UCP) U106, lock key data for locking/unlocking rewriting and erasing of the storage units (flash-ROM) built in the SAMs 105_1 to 105_4 in block units, and the signature data for them are contained.

[0352] Note that, the storage unit 119 is provided with various databases including for example a database for storing the certificate data.

[0353] The signature processing unit 117 obtains the hash value of the data covered by the signature and produces the signature data SIG thereof by using the secret key data K_CP,S of the content provider 101.

[0354] Note that, the hash value is produced by using a hash function. A hash function is a function receiving as input the data covered, compressing the related input data to data having a predetermined bit length, and outputting the same as the hash value. The hash function has as its characteristic feature that it is difficult to predict the input of the hash function from the hash value (output). When one bit input to the hash function varies, many bits of the hash value vary, so it is difficult to find the input data having an identical hash value.
[0355] The secure container preparation unit 118 produces the content file CF storing the header data, meta data Meta, the content data C, A/V expansion use software Soft, and the watermark module WM input from the encryption unit 114 and encrypted by the content key data Kc therein as shown in Fig. 5A.

[0356] It is also possible to contain the file reader and the signature data of the file reader in the secret key data K_CP,S as shown in Fig. 6. By doing this, in the SAMs 105_1 to 105_4, a plurality of secure containers 104 storing the content files CF of different formats received from a plurality of secure containers 104 of different streams can be efficiently processed.

[0357] Here, the file reader is used when reading a content file CF and the key file KF corresponding to that and indicates the reading routine etc. of these files.

[0358] Note, in the present embodiment, a case where the related file reader is transmitted in advance from the EMD service center 102 to the SAMs 105_1 to 105_4 is exemplified. Namely, in the present embodiment, the content file CF of the secure container 104 does not store the file reader.

[0359] In the header data, as shown in Fig. 6, the synchronization signal, content ID, signature data by the secret key data K_CP,S of the content provider 101 for the content ID, directory information, hyper link information, serial number, expiration date and producer information of the content file CF, file size, existence of encryption, encryption algorithm, information concerning the signature algorithm, signature data by the secret key data K_CP,S of the content provider 101 concerning the directory information, etc. are contained.

[0360] In the meta data Meta, as shown in Fig. 6, explanatory text of the commodity (content data C), commodity demo and PR information, information related to the commodity, and the signature data from the content provider 101 for them are contained.

[0361] In the present invention, as shown in Fig. 5 and Fig. 6, the case where the meta data Meta is stored in the content file CF and transmitted is exemplified, but it is also possible not to store the meta data Meta in the content file CF, but transmit the same from the content provider 101 to the SAM 105_1 etc. through a route different from the route for transmitting the content file CF.
[0362] The A/V expansion use software Soft is the software used when expanding the content file CF in the network apparatus 160_1 and the AV apparatuses 160_2 to 160_4 of the user home network 103 and is the expansion use software of for example the ATRAC3 method.

[0363] In this way, by storing the A/V expansion use software Soft in the secure container 104, the content data C can be expanded by using the A/V expansion use software Soft stored in the secure container 104 in the SAMs 105_1 to 105_4. Even if the compression and expansion method of the content data C is freely set by the content provider 101 for every content data C or every content provider 101, a large load will not be imposed on the user.

[0364] The watermark module WM contains for example the information required for detecting the electronic watermark information buried in the content data C and software as mentioned before.

[0365] Also, the secure container preparation unit 118 produces the secure container 104 storing the content file CF shown in Fig. 5A mentioned above, signature data SIG_6,CP of the related content file CF, the key file KF shown in Fig. 5B corresponding to the related content file CF read out from the key file database 118b, signature data SIG_7,CP of the related key file KF, certificate data CER_CP of the content provider 101 read out from the storage unit 119, and signature data SIG_1,ESC of the related certificate data CER_CP therein.

[0366] Here, the signature data SIG_6,CP is used for verifying the legitimacy of the producer and transmitter of the content file CF at the received site of the secure container 104.

[0367] Here, the signature data SIG_7,CP is used for verifying the legitimacy of the transmitter of the key file KF at the received site of the secure container 104. Note that, at the received site of the secure container 104, the legitimacy of the producer of the key file KF is verified based on the signature data SIG_K1,ESC in the key file KF. Also, the signature data SIG_K1,ESC is used also for verifying whether or not the key file KF is registered in the EMD service center 102.

[0368] In the present embodiment, the encrypted content data C is stored in the secure container 104 in a form not depending upon the compression method of the content data C, existence of compression, encryption method (including both the cases of the common key encryption method and public key encryption method), parameters of the signals giving the content data C (sampling frequency etc.), and the preparation method (algorithm) of the signature data. Namely, these items can be freely determined by the content provider 101.

[0369] Also, the secure container preparation unit 118 outputs the secure container 104 stored in the secure container database 118a to the SAM management unit 124 in response to a request from the user.
[0370] In this way, in the present embodiment, an in-band method of storing the certificate CER_CP of the public key data K_CP,P of the content provider 101 in the secure container 104 and transmitting the same to the user home network 103 is employed. Accordingly, the user home network 103 does not have to communicate with the EMD service center 102 for obtaining the certificate CER_CP.

[0371] Note that, in the present invention, it is also possible to employ an out-of-band method of obtaining the certificate CER_CP from the EMD service center 102 by the user home network 103 without storing the certificate CER_CP in the secure container 104.
[0372] The mutual certification unit 120 performs mutual certification between the EMD service center 102 and the user home network 103 to produce the session key data (common key) K_SES when the content provider 101 transmits or receives data on-line with the EMD service center 102 and the user home network 103. The session key data K_SES is newly produced at each mutual certification.

[0373] The encryption and/or decryption unit 121 encrypts the data to be transmitted on-line to the EMD service center 102 and the user home network 103 by the content provider 101 by using the session key data K_SES.

[0374] Also, the encryption and/or decryption unit 121 decrypts the data received on-line from the EMD service center 102 and the user home network 103 by the content provider 101 by using the session key data K_SES.

[0375] The usage control policy data preparation unit 122 produces the usage control policy data 106 and outputs this to the EMD service center management unit 125.
[0376] The usage control policy data 106 is a descriptor defining operating rules of the content data C and for example describes the suggested retailer's price SRP intended by an operator of the content provider 101, copy rule of the content data C, etc.

[0377] The SAM management unit 124 supplies the secure container 104 off-line or on-line to the user home network 103.

[0378] Also, when distributing the secure container 104 to the SAMs 105_1 to 105_4 on-line, the SAM management unit 124 uses, as the communication protocol for transmitting the secure container 104, an MHEG (Multimedia and Hypermedia Information Coding Experts Group) protocol if a digital broadcast or uses an XML/SMIL/HTML (Hyper Text Markup Language) if the Internet and buries the secure containers 104 in these communication protocols in a form not depending upon the coding method by tunneling.

[0379] Accordingly, it is not necessary to match formats between the communication protocol and the secure container 104, so the format of the secure container 104 can be flexibly set.

[0380] Note that, the communication protocol used when transmitting the secure container 104 from the content provider 101 to the user home network 103 is not limited to those mentioned above and may be any protocol.

[0381] Figure 12 is a view for explaining a storage medium 130_1 of a ROM type used in the present embodiment.

[0382] As shown in Fig. 12, the ROM type storage medium 130_1 has a ROM region 131, a secure RAM region 132, and a media SAM 133.

[0383] In the ROM region 131, the content file CF shown in Fig. 5A is stored.

[0384] Also, the secure RAM region 132 is a region where predetermined permission (certification) is necessary for accessing the stored data. Signature data produced by using a MAC (Message Authentication Code) function with the key file KF and the certificate data CER_CP and a storage use key data K_STR having an inherent value in accordance with the type of the apparatus shown in Figs. 5B and 5C as factors and the data obtained by encrypting the related key file KF and the certificate data CER_CP by using media key data K_MED having an inherent value in the storage medium are stored.

[0385] Also, in the secure RAM region 132, for example, certificate revocation data (revocation list) for specifying the content provider 101 and the SAMs 105_1 to 105_5 which became invalid due to illegitimate actions or the like is stored.
[0386] Also, in the secure RAM region 132, as will be mentioned later, usage control status (UCS) data 166 etc. produced when the purchase and/or usage form of the content data C is determined in the SAMs 105_1 to 105_4 of the user home network 103 are stored. By this, by the storage of the user control status data 166 in the secure RAM region 132, a ROM type storage medium 130 with a purchase and/or usage form determined therein is obtained.

[0387] In the media SAM 133, for example the media ID serving as the identifier of the ROM type storage medium 130_1 and the media key data K_MED are stored.

[0388] The media SAM 133 has for example a mutual certificate authority function.

[0389] As the storage medium of the ROM type used in the present embodiment, for example, other than one shown in Fig. 12, also a ROM type storage medium 130_2 shown in Fig. 13 and a ROM type storage medium 130_3 shown in Fig. 14 can be considered.
[0390] The ROM type storage medium 130_2 shown in Fig. 13 has the ROM region 131 and the media SAM 133 having the certificate authority function, but is not provided with the secure RAM region 132 as in the ROM type storage medium 130_1 shown in Fig. 12. Where use is made of the ROM type storage medium 130_2, the content file CF is stored in the ROM region 131, and the key file KF is stored in the media SAM 133.

[0391] Also, the ROM type storage medium 130_3 shown in Fig. 14 has the ROM region 131 and the secure RAM region 132 and does not have the media SAM 133 as in the ROM type storage medium 130_1 shown in Fig. 12. Where the ROM type storage medium 130_3 is used, the content file CF is stored in the ROM region 131, and the key file KF is stored in the secure RAM region 132. Also, where the ROM type storage medium 130_3 is used, mutual certification is not carried out with the SAM.

[0392] Also, in the present embodiment, other than the ROM type storage medium, also a RAM type storage medium is used.
[0393] As the RAM type storage medium used in the present embodiment, there is, for example, as shown in Fig. 15, a RAM type storage medium 130_4 having the media SAM 133, secure RAM region 132, and nonsecure RAM region 134. In the RAM type storage medium 130_4, the media SAM 133 has the certificate authority function and stores the key file KF. Also, in the RAM region 134, the content file CF is stored.

[0394] Also, as the RAM type storage medium used in the present embodiment, other than that, also a RAM type storage medium 130_5 shown in Fig. 16 and a RAM type storage medium 130_6 shown in Fig. 17 can be considered.

[0395] The RAM type storage medium 130_5 shown in Fig. 16 has the nonsecure RAM region 134 and the media SAM 133 having the certificate authority function, but is not provided with the secure RAM region 132 as in the RAM type storage medium 130_4 shown in Fig. 15. Where the RAM type storage medium 130_5 is used, the content file CF is stored in the RAM region 134, and the key file KF is stored in the media SAM 133.

[0396] Also, the RAM type storage medium 130_6 shown in Fig. 17 has the secure RAM region 132 and the nonsecure RAM region 134, but does not have the media SAM 133 as in the RAM type storage medium 130_4 shown in Fig. 15. Where use is made of the RAM type storage medium 130_6, the content file CF is stored in the RAM region 134, and the key file KF is stored in the secure RAM region 132. Also, where use is made of the RAM type storage medium 130_6, mutual certification is not carried out with the SAM.
[0397] Also, where the secure container 104 is distributed on-line to the user home network 103 by using a network or a digital broadcast, the SAM management unit 124 encrypts the secure container 104 by using the session key data K_SES in the encryption and/or decryption unit 121, and then distributes the same via the network to the user home network 103.

[0398] In the present embodiment, as the SAM management unit and the EMD service center management unit and the content provider management unit and service provider management unit mentioned later, use is made of a communication gateway having a tamper resistant structure whereby for example monitoring and tampering of the processing content of the internal portion cannot be carried out or are difficult.
[0399] Here, in both of the case where the content data C is distributed from the content provider 101 to the user home network 103 by using the storage medium 130_1 and the case where it is distributed on-line by using the network, use is made of the secure container 104 of a common form with the usage control policy data 106 stored therein. Accordingly, in the SAMs 105_1 to 105_4 of the user home network 103, the rights clearing based on the common usage control policy data 106 can be carried out in both of the cases of off-line and on-line.

[0400] Also, as mentioned above, in the present embodiment, the in-band method of enclosing the content data C encrypted by the content key data Kc and the content key data Kc for decrypting the related encryption in the secure container 104 is employed. In the in-band method, when it is intended to reproduce the content data C by the apparatus of the user home network 103, it is not necessary to separately distribute the content key data Kc, so there is an advantage that the load of the network communication can be reduced. Also, the content key data Kc has been encrypted by the distribution use key data KD_1 to KD_6, but the distribution use key data KD_1 to KD_6 are managed at the EMD service center 102 and distributed to the SAMs 105_1 to 105_5 of the user home network 103 in advance (when the SAMs 105_1 to 105_4 access the EMD service center 102 for the first time), therefore, in the user home network 103, the usage of the content data C off-line becomes possible without connecting with the EMD service center 102 on-line.

[0401] Note that, the present invention has the flexibility to employ the out-of-band method for separately supplying the content data C and the content key data Kc to the user home network 103 as will be mentioned later.
[0402] When receiving the settlement report data 107 from the EMD service center 102, the EMD service center management unit 125 decrypts it at the encryption and/or decryption unit 121 by using the session key data K_SES and then stores the same in the storage unit 119.

[0403] As the settlement report data 107, for example, the content of the settlement concerning the content provider 101 performed by the EMD service center 102 at the settlement manager 91 shown in Fig. 1 is described.

[0404] Also, the EMD service center management unit 125 transmits the content ID as a global unique identifier of the content data C to be provided, a public key data K_CP,P, and signature data SIG_9,CP of them to the EMD service center 102 and receives as input the certificate data CER_CP of the public key data K_CP,P from the EMD service center 102.
[0405] Also, the EMD service center management 
unit 125 produces, as shown in Fig. 18, a registration 
module Mod 2 storing the content ID as the global unique 
identifier of the content data C to be provided, the con- 
tent key data Kc, the usage control policy data 106, the 
watermark module WM, CP_ID as the global unique 
identifier of the content provider 101, and signature data 
SIG M1 CP by the secret key data Kcps of the content 
provider 101 for them therein when registering thecon- 
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tent key data Kc, the usage control policy data 1 06, and 
the watermark module WM in the EMD service center 
1 02 and receiving the key file KF (or each of the content 
data C. Then, the EMD service center 125 encrypts the 
registration module Modg in the encryption and/or de- 
cryption unit 121 by using the session key data K SES 
and then transmits the same via the network to the EMD 
service center 1 02. As the EMD service center manage- 
ment unit 125 t as mentioned above, for example use is 
made of a communication gateway having a high 
tamper resistant structure whereby monitoring or tam- 
pering of the processing content of the internal portion 
cannot be carried out or are difficult. 
[0406] Below, an explanation will be given of the flow of the
processing in the content provider 101 by referring to Fig. 3 and
Fig. 4.

[0407] Note that, as a prerequisite for performing the following
processing, the interested party of the content provider 101 performs
the registration processing for the EMD service center 102 off-line
by using for example its own ID and a bank account for performing the
settlement processing and acquires the global unique identifier
CP_ID. The identifier CP_ID is stored in the storage unit 119.

[0408] First, an explanation will be given of the processing where
the content provider 101 requests the certificate data CER_CP for
proving the legitimacy of the public key data K_CP,P corresponding to
its own secret key data K_CP,S from the EMD service center 102 by
referring to Fig. 4.

[0409] The content provider 101 generates a random number by using a
true random number generator to produce the secret key data K_CP,S,
produces the public key data K_CP,P corresponding to the related
secret key data K_CP,S, and stores the same in the storage unit 119.

[0410] The EMD service center management unit 125 reads out the
identifier CP_ID and the public key data K_CP,P of the content
provider 101 from the storage unit 119.

[0411] Then, the EMD service center management unit 125 transmits the
identifier CP_ID and the public key data K_CP,P to the EMD service
center 102.

[0412] Then, the EMD service center management unit 125 receives as
input the certificate data CER_CP and the signature data SIG_1,ESC
thereof from the EMD service center 102 in accordance with the
related registration and writes them into the storage unit 119.

[0413] Next, an explanation will be given of the processing where the
content provider 101 registers the content key data Kc, usage control
policy data 106, and the watermark module WM in the EMD service
center 102 and receives the key file KF corresponding to the content
data C by referring to Fig. 4, Fig. 18, and Fig. 19.

[0414] The registration of the usage control policy data 106 etc. is
carried out for individual content data C.
[0415] Figure 19 is a flowchart for explaining the registration
processing from the content provider 101 to the EMD service center
102.

[0416] Step A1: Mutual certification is carried out between the
mutual certification unit 120 of the content provider 101 shown in
Fig. 4 and the EMD service center 102.

[0417] Step A2: The session key data K_SES obtained by the mutual
certification performed at step A1 is shared by the content provider
101 and the EMD service center 102.

[0418] Step A3: The content provider 101 reads out the content ID,
content key data Kc, usage control policy data 106, watermark module
WM, and CP_ID, etc. to be registered into the EMD service center 102
from the database of the storage unit 119 etc.

[0419] Step A4: In the signature processing unit 117, the signature
data SIG_M1,CP indicating the legitimacy of the sender is produced
for a module containing for example the usage control policy data 106
read out at step A3 by using the secret key data K_CP,S of the
content provider 101.

[0420] Then, the EMD service center management unit 125 produces the
registration use module Mod_2 storing the content ID, content key
data Kc, usage control policy data 106, watermark module WM and
CP_ID, and the signature data SIG_M1,CP for them therein as shown in
Fig. 18.

[0421] Step A5: The encryption and/or decryption unit 121 encrypts
the registration use module Mod_2 produced at step A4 by using the
session key data K_SES shared at step A2.

[0422] Step A6: The EMD service center management unit 125 transmits
the registration use module Mod_2 encrypted at step A5 to the EMD
service center 102.

[0423] The processing of step A7 and the following steps is
processing in the EMD service center 102.

[0424] Step A7: The EMD service center 102 decrypts the received
registration use module Mod_2 by using the session key data K_SES
shared at step A2.

[0425] Step A8: The EMD service center 102 verifies the signature
data SIG_M1,CP stored in the decrypted registration use module Mod_2
by using the public key data K_CP,P, confirms the legitimacy of the
sender of the registration use module Mod_2, and performs the
processing of step A9 under the condition that the legitimacy of the
sender is proved.

[0426] Step A9: The EMD service center 102 stores and registers the
content ID, content key data Kc, usage control policy data 106,
watermark module WM, and CP_ID stored in the registration use module
Mod_2 in the predetermined database.

[0427] Note that the EMD service center management unit 125 receives,
as shown in Fig. 18, for example six months' worth of the key files
KF from the EMD service center 102 after the registration processing
in accordance with the registration use module Mod_2 is carried out
for the EMD service center 102, decrypts the related received key
files KF by using the session key data K_SES obtained by the mutual
certification between the mutual certification unit 120 and the EMD
service center 102, and then stores the same in the key file database
118b.

[0428] Next, an explanation will be given of the processing where the
content provider 101 transmits the secure container 104 to the SAM
105_1 of the user home network 103 by referring to Fig. 3 and Fig. 4.

[0429] Note that, in the following example, the case where the secure
container 104 is transmitted from the content provider 101 to the SAM
105_1 is exemplified, but the case where the secure container 104 is
transmitted to each of the SAMs 105_2 to 105_4 is the same except
that it is transmitted to each of the SAMs 105_2 to 105_4 via the SAM
105_1.

[0430] First, as shown in Fig. 3, the content data S111 is read out
from the content master source database 111 and output to the
electronic watermark information addition unit 112.

[0431] Next, the electronic watermark information addition unit 112
buries the electronic watermark information in the content data S111
to produce the content data S112 and outputs this to the compression
unit 113.

[0432] Next, the compression unit 113 compresses the content data
S112 by for example the ATRAC3 method to produce the content data
S113 and outputs this to the encryption unit 114.

[0433] Also, as shown in Fig. 4, the content key data Kc is produced
by generating a random number at the random number generation unit
115, and the related produced content key data Kc is stored in the
storage unit 119.

[0434] Next, the encryption unit 114 encrypts the content data S113
input from the compression unit 113, meta data Meta read out from the
storage unit 119, the A/V expansion use software Soft and the
watermark module WM by using the content key data Kc and outputs the
same to the secure container preparation unit 118. In this case, it
is also possible if the meta data Meta and the watermark module WM
are not encrypted.

[0435] Then, the secure container preparation unit 118 produces the
content file CF shown in Fig. 5A. Also, in the signature processing
unit 117, the hash value of the content file CF is obtained and the
signature data SIG_6,CP is produced by using the secret key data
K_CP,S.

[0436] Also, the secure container preparation unit 118 reads out the
key file KF corresponding to the content data C from the key file
database 118b and outputs this to the signature processing unit 117.

[0437] Then, the signature processing unit 117 obtains the hash value
of the key file KF input from the secure container preparation unit
118, produces the signature data SIG_7,CP by using the secret key
data K_CP,S, and outputs this to the secure container preparation
unit 118.

[0438] Next, the secure container preparation unit 118 produces the
secure container 104 storing the content file CF and the signature
data SIG_6,CP thereof shown in Fig. 5A, the key file KF and the
signature data SIG_7,CP thereof shown in Fig. 5B, and the certificate
data CER_CP and the signature data SIG_1,ESC thereof shown in Fig. 5C
read out from the storage unit 119 therein and stores this in the
secure container database 118b. Then, the secure container
preparation unit 118 reads out the secure container 104 to be
provided to the user home network 103 in response to for example a
request from the user from the secure container database 118a,
encrypts this at the encryption and/or decryption unit 121 by using
the session key data K_SES obtained by the mutual certification
between the mutual certification unit 120 and the SAM 105_1, and then
transmits the same via the SAM management unit 124 to the SAM 105_1
of the user home network 103.
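
An added example, not part of the original specification: the three signed parts of the secure container 104 described in [0435] to [0438], and one way a recipient could check them in order (the certificate under the EMD service center key first, then the content file and key file under the certified public key). The toy RSA over Mersenne primes stands in for the unspecified signature scheme and is not secure; the byte strings, the JSON certificate layout and all function names are assumptions.

```python
import hashlib
import json

E = 65537  # public exponent shared by the toy keys below


def make_keypair(p_exp, q_exp):
    """Toy RSA key from two Mersenne primes 2**k - 1 (assumption, demo only:
    the primes are public knowledge, so these keys protect nothing)."""
    p, q = 2**p_exp - 1, 2**q_exp - 1
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))  # modular inverse, Python 3.8+
    return {"n": n, "d": d}, {"n": n, "e": E}


def digest_int(data):
    """SHA-256 hash of the data as an integer (the 'hash value' of the text)."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big")


def sign(secret, data):
    """Hash the data, then apply the secret key (unpadded, illustration only)."""
    return pow(digest_int(data), secret["d"], secret["n"])


def verify(public, data, sig):
    return pow(sig, public["e"], public["n"]) == digest_int(data)


def issue_certificate(cp_id, cp_public, esc_secret):
    """EMD service center side: CER_CP binds CP_ID to K_CP,P and is covered
    by SIG_1,ESC. The JSON layout is hypothetical."""
    cer_cp = json.dumps({"CP_ID": cp_id, "K_CP_P": cp_public},
                        sort_keys=True).encode()
    return cer_cp, sign(esc_secret, cer_cp)


def build_secure_container(cf, kf, cer_cp, sig1_esc, cp_secret):
    """Content provider side: sign CF and KF with K_CP,S and bundle them
    with the certificate, mirroring Fig. 5A, 5B and 5C."""
    return {
        "CF": cf, "SIG_6_CP": sign(cp_secret, cf),
        "KF": kf, "SIG_7_CP": sign(cp_secret, kf),
        "CER_CP": cer_cp, "SIG_1_ESC": sig1_esc,
    }


def verify_secure_container(sc, esc_public):
    """Recipient side. The provider's public key is trusted only after the
    certificate carrying it has verified under the service center's key."""
    if not verify(esc_public, sc["CER_CP"], sc["SIG_1_ESC"]):
        return False, "CER_CP is not signed by the EMD service center"
    cp_public = json.loads(sc["CER_CP"])["K_CP_P"]
    if not verify(cp_public, sc["CF"], sc["SIG_6_CP"]):
        return False, "SIG_6,CP does not match the content file CF"
    if not verify(cp_public, sc["KF"], sc["SIG_7_CP"]):
        return False, "SIG_7,CP does not match the key file KF"
    return True, "accept"


# Constructed sample data (not taken from the specification).
ESC_SECRET, ESC_PUBLIC = make_keypair(521, 607)
CP_SECRET, CP_PUBLIC = make_keypair(607, 1279)
CER_CP, SIG_1_ESC = issue_certificate("CP-0001", CP_PUBLIC, ESC_SECRET)
CONTAINER = build_secure_container(
    b"<content file CF, encrypted under Kc>",
    b"<key file KF, encrypted under KD>",
    CER_CP, SIG_1_ESC, CP_SECRET,
)

if __name__ == "__main__":
    print(verify_secure_container(CONTAINER, ESC_PUBLIC))
    tampered = dict(CONTAINER, CF=CONTAINER["CF"] + b"!")
    print(verify_secure_container(tampered, ESC_PUBLIC))
```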

[0439] Below, a summary of the flow of the overall processing of the
content provider 101 will be explained relative to the secure
container preparation processing.

[0440] Figure 20, Fig. 21, and Fig. 22 are flowcharts for explaining
the flow of the related processing.

[0441] Step B1: The content provider 101 receives as input its own
certificate data CER_CP from the EMD service center 102 in advance
and stores this in the storage unit (database) 119.

[0442] Step B2: The content data to be newly authored and an already
stored content master source such as legacy content data are
digitized, allocated a content ID, and stored in the content master
source database 111 and uniquely managed.

[0443] Step B3: The meta data Meta is produced for each content
master source uniquely managed at step B1 and is stored in the
storage unit 119.

[0444] Step B4: The content data S111 serving as the content master
source is read out from the content master source database 111 and
output to the electronic watermark information addition unit 112, the
electronic watermark information is buried, and the content data S112
is produced.

[0445] Step B5: The electronic watermark information addition unit
112 stores the content of the buried electronic watermark information
and the burial location in the predetermined database.

[0446] Step B6: In the compression unit 113, the content data S112
with the electronic watermark information buried therein is
compressed to produce the content data S113.

[0447] Step B7: In the expansion unit 116, the compressed content
data S113 is expanded to produce the content data S116.

[0448] Step B8: In the audial check unit 123, the check of the sound
of the expanded content data S116 is carried out.

[0449] Step B9: The content provider 101 detects the electronic
watermark information buried in the content data S116 based on the
buried content and the burial location stored in the database at step
B5.

[0450] Then, the content provider 101 performs the processing of step
B10 where both the audial check and the detection of the electronic
watermark information succeed, and repeats the processing of step B4
where either one fails.

[0451] Step B10: A random number is generated at the random number
generation unit 115 to produce the content key data Kc, and this is
stored in the storage unit 119.

[0452] Step B11: In the encryption unit 114, the compressed content
data S113 is encrypted by using the content key data Kc to produce
the content data C.

[0453] Step B12: In the usage control policy data preparation unit
122, the usage control policy data 106 for the content data C is
produced.

[0454] Step B13: The content provider 101 determines the SRP and
stores this in the storage unit 119.

[0455] Step B14: The content provider 101 outputs the content ID,
content key data Kc, and the usage control policy data 106 to the EMD
service center 102.

[0456] Step B15: The content provider 101 receives as input the key
file KF encrypted by the distribution use key data KD_1 to KD_3 from
the EMD service center 102.

[0457] Step B16: The content provider 101 stores the input key file
KF in the key file database 118b.

[0458] Step B17: The content provider 101 connects the links of the
content data C and the key file KF by the hyper link.

[0459] Step B18: In the signature processing unit 117, the signature
data indicating the legitimacy of the producer is produced by using
the secret key data K_CP,S for each of the content data C and the key
files KF.

[0460] Step B19: In the secure container preparation unit 118, the
secure container 104 shown in Fig. 5 is produced.

[0461] Step B20: Where the content data is provided in a composite
form using a plurality of secure containers, the processing of the
steps B1 to B19 is repeated to produce the secure container 104 and
the link between the content file CF and the key file KF and the link
among the content files CF by using the hyper link, etc.

[0462] Step B21: The content provider 101 stores the produced secure
container 104 in the secure container database 118a.

[EMD service center 102]

[0463] The EMD service center 102 has a certificate authority (CA)
function, a key management function, and a rights clearing (profit
distribution) function.

[0464] Figure 23 is a view of the configurations of functions of the
EMD service center 102.

[0465] As shown in Fig. 23, the EMD service center 102 has a key
server 141, a key database 141a, a settlement processing unit 142, a
signature processing unit 143, a settlement manager management unit
144, a certificate and/or usage control policy management unit 145, a
usage control policy database 145a, a certificate database 145b, a
content provider management unit 148, a CP database 148a, a SAM
management unit 149, a SAM database 149a, a mutual certification unit
150, an encryption and/or decryption unit 151, and a KF preparation
unit 153.

[0466] Note that, in Fig. 23, the flow of the data related to the
data transmitted and received between the EMD service center 102 and
the content provider 101 in the flow of the data among the functional
blocks in the EMD service center 102 is shown.

[0467] Also, in Fig. 24, the flow of the data related to the data
transmitted and received between the SAMs 105_1 to 105_4 and the
settlement manager 91 shown in Fig. 1 in the flow of the data among
the functional blocks in the EMD service center 102 is shown.

[0468] The key server 141 reads out six months' worth of the
distribution use key data having the expiration date of one month
stored in the key database 141a and outputs the same to the SAM
management unit 149.

[0469] Also, other than the key database 141a distribution use key
data KD, one series of key data for storing the key data such as the
secret key data K_ESC,S of the EMD service center 102, storage use
key data K_STR, media key data K_MED, and the MAC key data K_MAC are
stored.

[0470] The settlement processing unit 142 performs settlement
processing based on the usage log data 108 input from the SAMs 105_1
to 105_4, the suggested retailer's price SRP input from the
certificate and/or usage control policy management unit 145 and sales
price, produces the settlement report data 107 and settlement claim
data 152, outputs the settlement report data 107 to the content
provider management unit 148, and outputs the settlement claim data
152 to the settlement manager management unit 144.

[0471] Note that the settlement processing unit 142 monitors whether
or not transactions based on an illegal dumping price were carried
out based on the sales price.

[0472] Here, the usage log data 108 indicates the log of the purchase
and usage (reproduction, recording, transfer, etc.) of the secure
container 104 in the user home network 103 and is used when
determining the payment sum of a license fee related to the secure
container 104 in the settlement processing unit 142.

[0473] In the usage log data 108, for example the content ID serving
as the identifier of the content data C stored in the secure
container 104, the identifier CP_ID of the content provider 101
distributing the secure container 104, the compression method of the
content data C in the secure container 104, an identifier Media_ID of
the storage medium storing the secure container 104, the identifier
SAM_ID of the SAMs 105_1 to 105_4 receiving the distribution of the
secure container 104, USER_ID of the user of the related SAMs 105_1
to 105_4, etc. are described. Accordingly, the EMD service center 102
determines the sum of payment for each other party based on a
distribution rate table determined in advance when it is necessary to
distribute the money paid by the user of the user home network 103 to
license owners of for example the compression method and the storage
medium other than the owner of the content provider 101 and produces
the settlement report data 107 and the settlement claim data 152 in
accordance with the related determination. The related distribution
rate table is produced for example for every content data stored in
the secure container 104.

[0474] Also, the settlement claim data 152 is the authenticated data
for which the payment of money to the settlement manager 91 may be
claimed. For example, when the money paid by the user is distributed
to a plurality of right holders, it is produced for individual right
holders.

[0475] Note that the settlement manager 91 sends a statement of the
related settlement manager to the EMD service center 102 when the
settlement is terminated. The EMD service center 102 notifies the
content of the related statement to the corresponding right holders.

[0476] The settlement manager management unit 144 transmits the
settlement claim data 152 produced by the settlement processing unit
142 via the payment gateway 90 shown in Fig. 1 to the settlement
manager 91.

[0477] Note that, as will be mentioned later, it is also possible if
the settlement manager management unit 144 transmits the settlement
claim data 152 to the right holders of the content provider 101 etc.,
and the right holders per se perform the settlement at the settlement
manager 91 by using the received settlement claim data 152.

[0478] Also, the settlement manager management unit 144 obtains the
hash value of the settlement claim data 152 in the signature
processing unit 143 and transmits signature data SIG_99 produced by
using the secret key data K_ESC,S together with the settlement claim
data 152 to the settlement manager 91.

[0479] The certificate and/or usage control policy management unit
145 reads out the certificate data CER_CP and certificate data
CER_SAM1 to CER_SAM4 etc. which are registered (stored) in the
certificate database 145b and authenticated and, at the same time,
registers the usage control policy data 106 of the content provider
101, the content key data Kc, the watermark module WM, etc. in the
usage control policy database 145a to authenticate the same.

[0480] Here, for the usage control policy database 145a, a search is
carried out by using the content ID as a search key, while for the
certificate database 145b, a search is carried out by using the
identifier CP_ID of the content provider 101 as the search key.

[0481] Also, the certificate and/or usage control policy management
unit 145 obtains the hash values of for example the usage control
policy data 106, content key data Kc, and the watermark module WM and
stores the authenticated data attached with the signature data using
the secret key data K_ESC,S in the usage control policy database
145a.

[0482] The content provider management unit 148 has a function of
communication with the content provider 101 and can access the CP
database 148a for managing the identifiers CP_ID etc. of the
registered content providers 101.

[0483] The SAM management unit 149 has a function of communication
with the SAMs 105_1 to 105_4 in the user home network 103 and can
access the SAM database 149a storing the identifiers SAM_ID and SAM
registration list etc. of the registered SAMs.

[0484] The KF preparation unit 153 outputs the content key data Kc
and usage control policy data 106 input from the content provider
management unit 148 and the SAM program download containers SDC_1 to
SDC_3 to the signature processing unit 143.

[0485] Also, the KF preparation unit 153 encrypts the content key
data Kc, the usage control policy data 106, and the SAM program
download containers SDC_1 to SDC_3 by using the distribution use key
data KD_1 to KD_6 of the corresponding period input from the key
server 141, produces the key file KF storing the related encrypted
data and the signature data SIG_K1,ESC by the secret key data K_ESC,S
for the related encrypted data input from the signature processing
unit 143 therein as shown in Fig. 5B, and stores the related produced
key file KF in the KF database 153a.

[0486] Below, an explanation will be given of the flow of the
processing in the EMD service center 102.

[0487] First, an explanation will be given of the flow of the
processing when transmitting the distribution use key data from the
EMD service center 102 to the SAMs 105_1 to 105_4 in the user home
network 103 by referring to Fig. 24.

[0488] As shown in Fig. 24, the key server 141 reads out for example
three months' worth of the distribution use key data KD_1 to KD_3
from the key database 141a every predetermined period and outputs the
same to the SAM management unit 149.

[0489] Also, the signature processing unit 143 obtains the hash
values of each of the distribution use key data KD_1 to KD_3 to
produce signature data SIG_KD1,ESC to SIG_KD3,ESC individually
corresponding to them by using the secret key data K_ESC,S of the EMD
service center 102 and outputs them to the SAM management unit 149.

[0490] The SAM management unit 149 encrypts these three months' worth
of the distribution use key data KD_1 to KD_3 and the signature data
SIG_KD1,ESC to SIG_KD3,ESC of them by using the session key data
K_SES obtained by the mutual certification between the mutual
certification unit 150 and the SAMs 105_1 to 105_4 and then transmits
them to the SAMs 105_1 to 105_4.

[0491] Next, an explanation will be given of the processing in the
case where the EMD service center 102 receives an issuance request of
the certificate data CER_CP from the content provider 101 by
referring to Fig. 23.

[0492] In this case, when receiving the identifier CP_ID of the
content provider 101, public key data K_CP,P, and the signature data
SIG_9,CP from the content provider 101, the content provider
management unit 148 decrypts them by using the session key data K_SES
obtained by the mutual certification between the mutual certification
unit 150 and the mutual certification unit 120 shown in Fig. 4.

[0493] Then, after confirming the legitimacy of the related decrypted
signature data SIG_9,CP at the signature processing unit 143, it is
confirmed whether or not the content provider 101 issuing the
issuance request of the related certificate data is registered in the
CP database 148a based on the identifier CP_ID and the public key
data K_CP,P.

[0494] Then, the certificate and/or usage control policy management
unit 145 reads out the certificate data CER_CP of the related content
provider 101 from the certificate database 145b and outputs this to
the content provider management unit 148.

[0495] Also, the signature processing unit 143 obtains the hash value
of the certificate data CER_CP, produces the signature data SIG_1,ESC
by using the secret key data K_ESC,S of the EMD service center 102,
and outputs this to the content provider management unit 148.

[0496] Then, the content provider management unit 148 encrypts the
certificate data CER_CP and the signature data SIG_1,ESC thereof by
using the session key data K_SES obtained by the mutual certification
between the mutual certification unit 150 and the mutual
certification unit 120 shown in Fig. 4 and then transmits the same to
the content provider 101.

[0497] Next, an explanation will be given of the processing where the
EMD service center 102 receives the issuance request of the
certificate data CER_SAM1 from the SAM 105_1 by referring to Fig. 24.

[0498] In this case, when receiving an identifier SAM_1_ID of the SAM
105_1, public key data K_SAM1,P, and signature data SIG_8,SAM1 from
the SAM 105_1, the SAM management unit 149 decrypts them by using the
session key data K_SES obtained by the mutual certification between
the mutual certification unit 150 and the SAM 105_1.

[0499] Then, after confirming the legitimacy of the related decrypted
signature data SIG_8,SAM1 in the signature processing unit 143, based
on the identifier SAM_1_ID and the public key data K_SAM1,P, it is
confirmed whether or not the SAM 105_1 outputting the issuance
request of the related certificate data is registered in the SAM
database 149a.

[0500] Then, the certificate and/or usage control policy management
unit 145 reads out the certificate data CER_SAM1 of the related SAM
105_1 from the certificate database 145b and outputs this to the SAM
management unit 149.

[0501] Also, the signature processing unit 143 obtains the hash value
of the certificate data CER_SAM1, produces signature data SIG_50,ESC
by using the secret key data K_ESC,S of the EMD service center 102,
and outputs this to the SAM management unit 149.

[0502] Then, the SAM management unit 149 encrypts the certificate
data CER_SAM1 and the signature data SIG_50,ESC thereof by using the
session key data K_SES obtained by the mutual certification between
the mutual certification unit 150 and the SAM 105_1, and then
transmits the same to the SAM 105_1.

[0503] Note that the processing where the SAMs 105_1 to 105_4 request
the certificate data is the same as the case of the SAM 105_1
mentioned above except only the object is replaced by the SAMs 105_1
to 105_4.

[0504] Note that, in the present invention, it is also possible if
the EMD service center 102 produces the certificate data CER_SAM1 of
the public key data K_SAM1,P at the time of shipment when a secret
key data K_SAM1,S and the public key data K_SAM1,P of the SAM 105_1
are stored in the storage unit of the SAM 105_1 at for example the
related shipment of the SAM 105_1.

[0505] At this time, at the related shipment, it is also possible to
store the certificate data CER_SAM1 in the storage unit of the SAM
105_1.

[0506] Next, an explanation will be given of the processing where the
EMD service center 102 receives the registration use module Mod_2
shown in Fig. 1 from the content provider 101 by referring to Fig.
23.

[0507] In this case, when the content provider management unit 148
receives the registration use module Mod_2 shown in Fig. 18 from the
content provider 101, the registration use module Mod_2 is decrypted
by using the session key data K_SES obtained by the mutual
certification between the mutual certification unit 150 and the
mutual certification unit 120 shown in Fig. 4.

[0508] Then, in the signature processing unit 143, the legitimacy of
the signature data SIG_M1,CP is verified by using the public key data
K_CP,P read out from the key database 141a.

[0509] Next, the certificate and/or usage control policy management
unit 145 registers the usage control policy data 106, content key
data Kc, watermark module WM, and SRP stored in the registration use
module Mod_2 in the usage control policy database 145a.

[0510] Next, the content provider management unit 148 outputs the
content key data Kc and the usage control policy data 106 to the KF
preparation unit 153.

[0511] Next, the KF preparation unit 153 outputs the content key data
Kc and usage control policy data 106 input from the content provider
management unit 148 and the SAM program download containers SDC_1 to
SDC_3 to the signature processing unit 143.

[0512] Then, the signature processing unit 143 obtains the hash value
with respect to the whole data input from the KF preparation unit
153, produces the signature data SIG_K1,ESC thereof by using the
secret key data K_ESC,S of the EMD service center 102, and outputs
this to the KF preparation unit 153.

[0513] Next, in the KF preparation unit 153, by using the
distribution use key data KD_1 to KD_6 of the corresponding period
input from the key server 141, the content key data Kc and usage
control policy data 106 and the SAM program download containers SDC_1
to SDC_3 are encrypted, and the key file KF storing the related
encrypted data and the signature data SIG_K1,ESC input from the
signature processing unit 143 therein is produced and is stored in
the KF database 153a.

[0514] Here, as the SAM program download containers SDC_1 to SDC_3,
it is also possible to use those stored in the registration use
module Mod_2 or it is also possible to use those held by the EMD
service center 102 in advance.

[0515] Next, the content provider management unit 148 encrypts the
key file KF obtained by accessing the KF database 153a by using the
session key data K_SES obtained by the mutual certification between
the mutual certification unit 150 and the mutual certification unit
120 shown in Fig. 4, and then transmits the same to the content
provider 101.

[0516] Next, an explanation will be given of the settlement
processing performed in the EMD service center 102 by referring to
Fig. 24.

[0517] When receiving as input the usage log data
108 and signature data SIG_200,SAM1 thereof from for
example the SAM 105_1 of the user home network 103, the
SAM management unit 149 decrypts the usage log data
108 and the signature data SIG_200,SAM1 by using the
session key data K_SES obtained by the mutual certification
between the mutual certification unit 150 and the
SAM 105_1, verifies the signature data SIG_200,SAM1 by
the public key data K_SAM1 of the SAM 105_1, and then
outputs the same to the settlement processing unit 142.
[0518] Then, the settlement processing unit 142 performs
the settlement processing based on the usage log
data 108 input from the SAM management unit 149 and
the suggested retailer's price SRP contained in the usage
control policy data 106 read out from the usage control
policy database 145a via the certificate and/or usage
control policy management unit 145 and the sales price
and produces the settlement claim data 152 and the
settlement report data 107.

[0519] The settlement processing unit 142 outputs the
settlement claim data 152 to the settlement manager
management unit 144 and, at the same time, outputs
the settlement report data 107 to the content provider
management unit 148.

[0520] Next, the settlement manager management
unit 144 transmits the settlement claim data 152 and the
signature data SIG_99 thereof via the payment gateway
90 shown in Fig. 1 to the settlement manager 91 after
the mutual certification and the decryption by the
session key data K_SES.

[0521] By this, the money of the sum indicated in the
settlement claim data 152 is paid to the content provider
101.

[0522] Next, an explanation will be given of the
processing where the EMD service center 102 transmits
the settlement report to the content provider 101 by
referring to Fig. 23.
[0523] When the settlement is carried out in the
settlement processing unit 142, as mentioned above, the
settlement report data 107 is output from the settlement
processing unit 142 to the content provider management
unit 148.

[0524] In the settlement report data 107, as men- 
tioned above, for example the content of the settlement 
concerning the content provider 101 performed with re- 
spect to the settlement manager 91 shown in Fig. 1 by 
the EMD service center 102 is described. 
[0525] When receiving as input the settlement report
data 107 from the settlement processing unit 142, the
EMD service center 102 encrypts this by using the
session key data K_SES obtained by the mutual certification
between the mutual certification unit 150 and the mutual
certification unit 120 shown in Fig. 4 and then transmits
the same to the content provider 101.
[0526] Also, after registering (authenticating) the
usage control policy data 106 as mentioned above, the
EMD service center 102 may encrypt the authenticated
certificate module by the distribution use key data KD_1
to KD_6 and transmit the same from the EMD service
center 102 to the content provider 101 too.
[0527] Also, the EMD service center 102 performs the
processing at the time of shipment of the SAMs 105_1 to
105_4 and the registration processing of the SAM
registration list other than the above, but these processings
will be mentioned later.

[User home network 103]

[0528] The user home network 103 has a network
apparatus 160_1 and AV apparatuses 160_2 to 160_4 as
shown in Fig. 1.

[0529] The network apparatus 160_1 includes a built-in
SAM 105_1. Also, the AV apparatuses 160_2 to 160_4
include built-in SAMs 105_2 to 105_4.
[0530] The SAMs 105_1 to 105_4 are connected to each
other via a bus 191, for example, an IEEE1394 serial
interface bus.

[0531] Note that, the AV apparatuses 160_2 to 160_4
can have a network communication function too or may
not have the network communication function, but utilize
the network communication function of the network
apparatus 160_1 via the bus 191.

[0532] Also, the user home network 103 can have only
AV apparatuses not having the network function too.
[0533] Below, an explanation will be made of the
network apparatus 160_1.

[0534] Figure 25 is a view of the configuration of the
network apparatus 160_1.

[0535] As shown in Fig. 25, the network apparatus
160_1 has the SAM 105_1, a communication module 162,
a decryption and/or expansion module 163, a purchase
and/or usage form determination operation unit 165, a
download memory 167, a reproduction module 169, and
an external memory 201.

[0536] The SAMs 105_1 to 105_4 are modules for
performing the charge processing in units of content and
communicate with the EMD service center 102.
[0537] The SAMs 105_1 to 105_4 are managed in their
specifications, versions, etc. by for example the EMD
service center 102. If there is a desire for mounting them
by a home electric apparatus maker, they are licensed
as a black box charging module for charging in units of
content. For example, a home electric apparatus
developer/manufacturer cannot determine the specifications
inside the ICs (integrated circuits) of the SAMs 105_1 to
105_4. The EMD service center 102 standardizes the
interfaces etc. of the related ICs. They are mounted in the
network apparatus 160_1 and the AV apparatuses 160_2
to 160_4 according to that.

[0538] The SAMs 105_1 to 105_4 are hardware modules
(IC modules etc.) having tamper resistance so that the
processing contents thereof are completely sheltered
from the outside, the processing contents cannot be
monitored or tampered with from the outside, and the
data stored inside in advance and the data being
processed cannot be monitored and tampered with from the
outside.

[0539] When the functions of the SAMs 105_1 to 105_4
are realized in the form of ICs, secret memories are
provided inside the ICs, and secret programs and secret
data are stored there. If the function of a SAM can be
incorporated in any other portion of the apparatus not
limited to the physical form of an IC, that portion can be
defined as a SAM too.

[0540] Below, a detailed explanation will be made of
the function of the SAM 105_1.

[0541] Note that the SAMs 105_2 to 105_4 have basically
the same functions as the SAM 105_1.
[0542] Figure 26 is a view of the configuration of the
function of the SAM 105_1.

[0543] Note that, in Fig. 26, the flow of the data related
to the processing of inputting a secure container 104 from
the content provider 101 and decrypting the key file KF
in the secure container 104 is shown.
[0544] As shown in Fig. 26, the SAM 105_1 has a mutual
certification unit 170, encryption and/or decryption
units 171, 172, and 173, a content provider management
unit 180, an error correction unit 181, a download
memory management unit 182, a secure container
decryption unit 183, a decryption and/or expansion module
management unit 184, an EMD service center management
unit 185, a usage monitor unit 186, a charge
processing unit 187, a signature processing unit 189, a
SAM management unit 190, a media SAM management
unit 197, a stack (work) memory 200, and an external
memory management unit 811.

[0545] Note that, the AV apparatuses 160_2 to 160_4 do
not have the download memory 167, so the download
memory management unit 182 does not exist in the
SAM 105_2 to 105_4.

[0546] Note that, the predetermined function of the
SAM 105_1 shown in Fig. 26 is realized by executing a
secret program in for example a not illustrated CPU.
[0547] Also, in the external memory 201, after going
through the following processing, as shown in Fig. 27,
a usage log data 108 and a SAM registration list are
stored.

[0548] Here, the memory space of the external memory
201 cannot be seen from the outside (for example
a host CPU 810) of the SAM 105_1. Only the SAM 105_1
can manage access with respect to the storage region
of the external memory 201.

[0549] As the external memory 210, use is made of 
for example a flash memory or a ferro-electric memory 
(FeRAM). 

[0550] Also, as the stack memory 200, use is made
of for example a SARAM. As shown in Fig. 28, the
secure container 104, content key data Kc, usage control
policy data (UCP) 106, a lock key data K_LOC of a storage
unit 192, certificate data CER_CP of the content provider
101, usage control status data (UCS) 166, SAM program
download containers SDC_1 to SDC_3, etc. are provided.

[0551] Below, among the functions of the SAM 105_1,
the processing contents of the functional blocks when
the secure container 104 from the content provider 101
is input will be explained by referring to Fig. 26.
[0552] The mutual certification unit 170 performs mutual
certification between the content provider 101 and
the EMD service center 102 when the SAM 105_1 transmits
and receives the data on-line between the content
provider 101 and the EMD service center 102 to produce
a session key data (common key) K_SES and outputs this
to the encryption and/or decryption unit 171. The
session key data K_SES is newly produced with each mutual
certification.

[0553] The encryption and/or decryption unit 171
encrypts and/or decrypts the data transmitted and received
between the content provider 101 and the EMD
service center 102 by using the session key data K_SES
produced by the mutual certification unit 170.

[0554] The error correction unit 181 corrects the error
of the secure container 104 and outputs the same to the
download memory management unit 182.
[0555] Note that, it is also possible if the user home
network 103 has a function for detecting whether or not
the secure container 104 has been tampered with.
[0556] In the present embodiment, the case where the
error correction unit 181 was built in the SAM 105_1 was
exemplified, but it is also possible to impart the function
of the error correction unit 181 to the outside of the SAM
105_1, for example, the host CPU 810.
[0557] The download memory management unit 182
performs the mutual certification between the mutual
certification unit 170 and a media SAM 167a in a case
where the download memory 167 has a media SAM
167a having a mutual certification function as shown in
Fig. 25, and then encrypts the secure container 104 after
the error correction by using the session key data K_SES
obtained by the mutual certification and writes the same
into the download memory 167 shown in Fig. 25. As the
download memory 167, use is made of for example a
nonvolatile semiconductor memory such as memory
stick.
[0558] Note that, as shown in Fig. 29, where a memory
not provided with a mutual certification function such
as a HDD (hard disk drive) is used as a download memory
211, the inside of the download memory 211 is not
secure, so the content file CF is downloaded on the
download memory 211, and a key file KF having a high
secrecy is downloaded on for example the stack memory
200 shown in Fig. 26.

[0559] The secure container decryption unit 183 decrypts
the content key data Kc, usage control policy data
106, and the SAM program download containers SDC_1
to SDC_3 in the key file KF stored in the secure container
104 input from the download memory management unit
182 by using distribution use key data KD_1 to KD_3 read
out from the storage unit 192.

[0560] The related decrypted content key data Kc, usage
control policy data 106, and the SAM program
download containers SDC_1 to SDC_3 are written into the
stack memory 200.

[0561] The EMD service center management unit 185
manages the communication with the EMD service
center 102 shown in Fig. 1.

[0562] The signature processing unit 189 verifies the
signature data in the secure container 104 by using a
public key data K_ESC,P of the EMD service center 102
read out from the storage unit 192 and the public key
data K_CP,P of the content provider 101.
[0563] The storage unit 192 stores, as the secret data
which cannot be read out and rewritten from the outside
of the SAM 105_1, as shown in Fig. 30, a plurality of
distribution use key data KD_1 to KD_3 with expiration dates,
SAM_IDs, user IDs, passwords, information reference
use IDs, a SAM registration list, storage use key data
K_STR, public key data K_R-CA,P of the route CA, public key
data K_ESC,P of the EMD service center 102, media key
data K_MED, public key data K_ESC,P of the EMD service
center 102, secret key data K_SAM1,S of the SAM 105_1,
the certificate data CER_SAM1 storing public key data
K_SAM1,P of the SAM 105_1 therein, signature data SIG^
of the certificate CER_ESC using the secret key data
K_ESC,S of the EMD service center 102, the original key
data for the mutual certification with the decryption and/or
expansion module 163 (where the common key encryption
method is employed), the original key data for
the mutual certification with the media SAM (where the
common key encryption method is employed), and
certificate data CER_MEDSAM of the media SAM (where the
public key encryption method is employed).
[0564] Also, in the storage unit 192, a secret program
for realizing at least one part of the functions shown in
Fig. 26 is stored.

[0565] As the storage unit 192, use is made of for
example a flash-EEPROM (electrically erasable programmable
RAM).

[0566] Below, an explanation will be made of the flow
of the processing in the SAM 105_1 when storing the
distribution use key data KD_1 to KD_3 received from the
EMD service center 102 in the storage unit 192 by
referring to Fig. 26.

[0567] In this case, first, mutual certification is carried
out between the mutual certification unit 170 and the
mutual certification unit 150 shown in Fig. 23.
[0568] Next, three months' worth of the distribution
use key data K_1 to K_3 encrypted by the session key data
K_SES obtained by the related mutual certification and the
signature data SIG_KD1,ESC to SIG_KD3,ESC thereof are
written from the EMD service center 102 via the EMD
service center management unit 185 into the stack
memory 811.

[0569] Next, in the encryption and/or decryption unit
171, by using the session key data K_SES, the distribution
use key data K_1 to K_3 and the signature data SIG_KD1,ESC
to SIG_KD3,ESC thereof are decrypted.
[0570] Next, in the signature processing unit 189, after
the legitimacy of the signature data SIG_KD1,ESC to
SIG_KD3,ESC stored in the stack memory 811 is confirmed,
the distribution use key data K_1 to K_3 are written
into the storage unit 192.

[0571] Below, an explanation will be made of the flow
of the processing in the SAM 105_1 receiving as input the
secure container 104 provided by the content provider
101 by referring to Fig. 26.

[0572] Mutual certification is carried out between the
mutual certification unit 170 of the SAM 105_1 shown in
Fig. 26 and the mutual certification unit 120 shown in
Fig. 3.

[0573] The encryption and/or decryption unit 171 decrypts
the secure container 104 supplied from the content
provider 101 via the content provider management
unit 180 by using the session key data K_SES obtained
by the related mutual certification.
[0574] Next, the signature processing unit 189 verifies
the signature data SIG_1,ESC shown in Fig. 5C and then
verifies the legitimacy of the signature data SIG_6,CP and
SIG_7,CP by using the public key data K_CP,P of the content
provider 101 stored in the certificate data CER_CP shown
in Fig. 5C.

[0575] At this time, when it is verified that the signature
data SIG_6,CP is legitimate, the legitimacy of the producer
and the transmitter of the content file CF is confirmed.

[0576] Also, when it is verified that the signature data
SIG_7,CP is legitimate, the legitimacy of the transmitter of
the key file KF is confirmed.

[0577] Also, the signature processing unit 189 verifies
the legitimacy of the signature data SIG_K1,ESC in the key
file KF shown in Fig. 5B, that is, the legitimacy of the
producer of the key file KF and whether or not the key
file KF is registered in the EMD service center 102 by
using the public key data K_ESC,P read out from the
storage unit 192.

[0578] The content provider management unit 180
outputs the secure container 104 to the error correction
unit 181 when the legitimacy of the signature data
SIG_6,CP, SIG_7,CP, and SIG_K1,ESC is confirmed.
[0579] The error correction unit 181 performs the error
correction of the secure container 104 and then outputs
the same to the download memory management unit
182.

[0580] The download memory management unit 182
writes the secure container 104 into the download memory
167 after performing the mutual certification between
the mutual certification unit 170 and the media
SAM 167a shown in Fig. 25.

[0581] Next, the download memory management unit
182 performs mutual certification between the mutual
certification unit 170 and the media SAM 167a shown
in Fig. 25 and then reads out the key file KF shown in
Fig. 5B stored in the secure container 104 from the
download memory 167 and outputs the same to the
secure container decryption unit 183.
[0582] Then, in the secure container decryption unit
183, by using the distribution use data KD_1 to KD_3 of the
corresponding period input from the storage unit 192,
the content key data Kc, usage control policy data 106,
and the SAM program download containers SDC_1 to
SDC_3 in the key file KF shown in Fig. 5B are decrypted.
[0583] Then, the decrypted content key data Kc, usage
control policy data 106, and the SAM program
download containers SDC_1 to SDC_3 are written into the
stack memory 200.
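
The order of checks in paragraphs [0574] to [0582], as an added sketch that is not code from the patent: every signature is verified before a distribution use key is selected for the key file. Textbook RSA over fixed Mersenne primes stands in for the signature scheme, which the text does not specify; the certificate layout, the `period` field, the dates, the sample byte strings and all function names are assumptions made for illustration.

```python
import hashlib
from datetime import date

E = 65537  # public exponent used by every toy key below


def make_key(p, q):
    """Toy textbook-RSA key from two Mersenne primes (factorable at sight; demo only)."""
    return {"n": p * q, "d": pow(E, -1, (p - 1) * (q - 1))}


def digest(data):
    return int.from_bytes(hashlib.sha256(data).digest(), "big")


def sign(data, key):
    return pow(digest(data), key["d"], key["n"])


def verify(data, sig, n):
    return pow(sig, E, n) == digest(data)


def make_cert(owner, key):
    """Constructed certificate layout: owner name, '|', big-endian public modulus."""
    n = key["n"]
    return owner + b"|" + n.to_bytes((n.bit_length() + 7) // 8, "big")


class Rejected(Exception):
    """Raised with the name of the check that failed."""


def ingest(c, k_esc_p, distribution_keys, today):
    """Run the SAM's checks in order; return the name of the KD that may decrypt KF."""
    # 1. SIG_1,ESC: CER_CP must have been issued by the EMD service center.
    if not verify(c["CER_CP"], c["SIG_1_ESC"], k_esc_p):
        raise Rejected("SIG_1,ESC")
    # K_CP,P is taken from the certificate only after that check has passed.
    k_cp_p = int.from_bytes(c["CER_CP"].split(b"|", 1)[1], "big")
    # 2. SIG_6,CP covers the content file CF, SIG_7,CP the key file KF.
    if not verify(c["CF"], c["SIG_6_CP"], k_cp_p):
        raise Rejected("SIG_6,CP")
    if not verify(c["KF"], c["SIG_7_CP"], k_cp_p):
        raise Rejected("SIG_7,CP")
    # 3. SIG_K1,ESC: the key file must be registered with the EMD service center.
    if not verify(c["KF"], c["SIG_K1_ESC"], k_esc_p):
        raise Rejected("SIG_K1,ESC")
    # 4. Only now select the distribution key of the corresponding period.
    for name, (period, expires) in distribution_keys.items():
        if period == c["period"]:
            if today > expires:
                raise Rejected("expired")
            return name
    raise Rejected("no KD for period")


# --- constructed sample data (not from the patent) ---------------------------
ESC_KEY = make_key(2**607 - 1, 2**1279 - 1)   # EMD service center 102
CP_KEY = make_key(2**127 - 1, 2**521 - 1)     # content provider 101
KDS = {                                        # name: (period, expiration date)
    "KD_1": ("2000-01", date(2000, 1, 31)),
    "KD_2": ("2000-02", date(2000, 2, 29)),
    "KD_3": ("2000-03", date(2000, 3, 31)),
}
TODAY = date(2000, 2, 10)
CF = b"content data C encrypted under Kc"
KF = b"Kc, UCP 106 and SDC_1..SDC_3 encrypted under KD_2"
CER_CP = make_cert(b"CP101", CP_KEY)
SAMPLE = {
    "CF": CF, "SIG_6_CP": sign(CF, CP_KEY),
    "KF": KF, "SIG_7_CP": sign(KF, CP_KEY), "SIG_K1_ESC": sign(KF, ESC_KEY),
    "CER_CP": CER_CP, "SIG_1_ESC": sign(CER_CP, ESC_KEY),
    "period": "2000-02",
}


def check(container, today=TODAY):
    """Return 'accept:<KD name>' or 'reject:<failed check>' for the sample SAM state."""
    try:
        return "accept:" + ingest(container, ESC_KEY["n"], KDS, today)
    except Rejected as why:
        return "reject:" + str(why)


if __name__ == "__main__":
    print(check(SAMPLE))
    print(check(dict(SAMPLE, CF=b"swapped content")))
```

A container whose certificate and signatures all come from a key the EMD service center never certified fails at the first check, before any key inside that certificate is used.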
[0584] Below, an explanation will be made of the
processing contents of the functional blocks related to
the processing of using and purchasing the content data
C downloaded on the download memory 167 by referring
to Fig. 31.
[0585] The usage monitor unit 186 reads out the usage
control policy data 106 and the usage control status
data 166 from the stack memory 200 and monitors so
that the purchase and/or usage of the content is carried
out within a range permitted by the related read out usage
control policy data 106 and usage control status data
166.

[0586] Here, the usage control policy data 106 is
stored in the KF after decryption and stored in the stack
memory 200 as explained by using Fig. 26.
[0587] Also, the usage control status data 166 is
stored in the stack memory 200 when the purchase form
is determined by the user as will be mentioned later.
[0588] The charge processing unit 187 produces the
usage log data 108 in response to an operation signal
S165 from the purchase and/or usage form determination
operation unit 165 shown in Fig. 25.
[0589] Here, the usage log data 108 describes the log
of the purchase and usage forms of the secure container
104 by the user as mentioned before and is used when
performing settlement processing in accordance with
the purchase of the secure container 104 and determining
the payment of the license fee in the EMD service
center 102.

[0590] Also, the charge processing unit 187 notifies
the sales price or the suggested retailer's price data
SRP read out from the stack memory 200 to the user
according to need.
[0591] Here, the sales price and the suggested retailer's
price data SRP have been stored in the usage control
policy data 106 of the key file KF shown in Fig. 5B
stored in the stack memory 200 after decryption.
[0592] The charge processing by the charge processing
unit 187 is carried out based on the right content
such as the usage permission condition indicated by the
usage control policy data 106 and the usage control status
data 166 under the monitoring of the usage monitor
unit 186. Namely, the user purchases and uses the content
within the range according to the related right content,
etc.

[0593] Also, the charge processing unit 187 produces
the usage control status (UCS) data describing the purchase
form of the content by the user and writes this into
the stack memory 200.

[0594] As the purchase form of the content, there are 
for example an outright purchase without restriction as 
to the reproduction by the purchaser and copying for the 
usage of the related purchaser, a reproduction charge 
for charging with each reproduction, etc. 
[0595] Here, the usage control status data 166 is produced
when the user determines the purchase form of
the content and is used for control so that the user uses
the related content within the range permitted by the
related determined purchase form thereafter. In the usage
control status data 166, the ID of the content, the
purchase form, the price in accordance with the related
purchase form, the SAM_ID of the SAM with the purchase
of the related content performed therefor, the
USER_ID of the purchased user, etc. are described.
[0596] Note that, where the determined purchase
form is a reproduction charge, for example, the usage
control status data 166 is transmitted from the SAM 105_1
to the content provider 101 in real-time simultaneously
with the purchase of the content data C, and the content
provider 101 instructs the EMD service center 102 to
obtain the usage log data 108 at the SAM 105_1 within
the predetermined period.

[0597] Also, where the determined purchase form is
an outright purchase, for example, the usage control
status data 166 is transmitted in real-time to both of the
content provider 101 and the EMD service center 102.
In this way, in the present embodiment, in both cases,
the usage control status data 166 is transmitted in real-time
to the content provider 101.

[0598] The EMD service center management unit 185
transmits the usage log data 108 read out from the external
memory 201 via the external memory management
unit 811 to the EMD service center 102.
[0599] At this time, the EMD service center management
unit 185 produces the signature data SIG_200,SAM1
of the usage log data 108 by using the secret key data
K_SAM1,S in the signature processing unit 189 and transmits
the signature data SIG_200,SAM1 together with the
usage log data 108 to the EMD service center 102.
[0600] The usage log data 108 can be transmitted to
the EMD service center 102 in response to for example
a request from the EMD service center 102 or periodically
or can be transmitted when the amount of information
of the log information contained in the usage log
data 108 becomes a predetermined amount or more
too. The related amount of information is determined in
accordance with for example the storage capacity of the
external memory 201.

[0601] The download memory management unit 182
outputs the content data C read out from the download
memory 167, content key data Kc read out from the
stack memory 200, and the user watermark use data
196 input from the charge processing unit 187 to the
decryption and/or expansion module management unit
184 in the case where for example a reproduction operation
of the content is carried out in response to the operation
signal S165 from the purchase form determination
operation unit 165 shown in Fig. 25.
[0602] Also, the decryption and/or expansion module
management unit 184 outputs the content file CF read
out from the download memory 167 and the content key
data Kc and a half disclosure parameter data 199 read
out from the stack memory 200 to the decryption and/or
expansion module management unit 184 when a demo
operation of the content is carried out in response to the
operation signal S165 from the purchase form determination
operation unit 165 shown in Fig. 25.
[0603] Here, the half disclosure parameter data 199
is described in the usage control policy data 106 and
indicates the handling of the content in the demo mode.
In the decryption and/or expansion module 163, it becomes
possible to reproduce the encrypted content data
C in the half disclosure state based on the half disclosure
parameter data 199. As the procedure of the half
disclosure, there is for example a procedure of designating
the blocks to be decrypted and the blocks not to
be decrypted by using the content key data Kc, limiting
the reproduction function at the demo or limiting a demo
enable period by the half disclosure parameter data 199
by utilizing the fact that the decryption and/or expansion
module 163 processes the data (signal) in units of
predetermined blocks.

[0604] Below, an explanation will be made of the flow
of the processing in the SAM 105_1.
[0605] First, an explanation will be made of the flow
of the processing up to when the purchase form of the
secure container 104 downloaded on the download
memory 167 from the content provider 101 is determined
by referring to Fig. 31.

[0606] When the operation signal S165 indicating the
demo mode is output to the charge processing unit 187
by the operation of the purchase and/or usage form
determination operation unit 165 shown in Fig. 25 by the
user, for example, the content file CF stored in the download
memory 167 is output via the decryption and/or expansion
module management unit 184 to the decryption
and/or expansion module 163 shown in Fig. 25.
[0607] At this time, for the content file CF, mutual
certification between the mutual certification unit 170 and
the media SAM 167a, encryption and/or decryption by
the session key data K_SES, mutual certification between
the mutual certification unit 170 and the mutual certification
unit 220, and encryption and/or decryption by the
session key data K_SES are carried out.
[0608] The content file CF is decrypted by using the
session key data K_SES at the decryption unit 221 shown
in Fig. 25, and then output to the decryption unit 222.
[0609] Also, the content key data Kc and the half disclosure
parameter data 199 read out from the stack
memory 200 are output to the decryption and/or expansion
module 163 shown in Fig. 25. At this time, after the
mutual certification between the mutual certification unit
170 and the mutual certification unit 220, encryption and
decryption by the session key data K_SES are carried out
with respect to the content key data Kc and the half disclosure
parameter data 199.

[0610] Next, the decrypted half disclosure parameter
data 199 is output to the half disclosure processing unit
225. Under the control of the half disclosure processing
unit 225, the decryption of the content data C using the
content key data Kc by the decryption unit 222 is carried
out in half disclosure.

[0611] Next, the content data C decrypted in half disclosure
is expanded at the expansion unit 223 and then
output to the electronic watermark information processing
unit 224.

[0612] Next, the user watermark use data 196 is buried
in the content data C in the electronic watermark information
processing unit 224, and then the content data
C is reproduced at the reproduction module 169, and
sound in accordance with the content data C is output.
[0613] Then, when the user trying out the content determines
the purchase form by operating the purchase
and/or usage form determination operation unit 165, the
operation signal S165 indicating the related determined
purchase form is output to the charge processing unit
187.

[0614] Then, in the charge processing unit 187, the
usage log data 108 and the usage control status data
166 in accordance with the determined purchase form
are produced, the usage log data 108 is written into the
external memory 201 via the external memory management
unit 811, and, at the same time, the usage control
status data 166 is written into the stack memory 200.
[0615] Thereafter, in the usage monitor unit 186, control
(monitoring) is carried out so that the content data
is purchased and used within the range permitted by the
usage control status data 166.

[0616] Then, a new key file KF_1 shown in Fig. 34C
mentioned later is produced, and the related produced
key file KF_1 is stored in the download memory 167 via
the download memory management unit 182.
[0617] As shown in Fig. 34C, the usage control status
data 166 stored in the key file KF_1 is sequentially encrypted
by using the storage key data K_STR and the media
key data K_MED by utilizing the CBC mode of the DES.
[0618] Here, the storage use key data K_STR is data
determined in accordance with the type of apparatus,
for example, a SACD (Super Audio Compact Disc), a
DVD (Digital Versatile Disc) apparatus, CD-R apparatus,
and MD (Mini Disc) apparatus and is used for establishing
one-to-one correspondence between the
types of the apparatuses and the types of the storage
media. Also, the media key data K_MED is data unique to
the storage medium.

[0619] Also, in the signature processing unit 189, a
hash value H_K1 of the key file KF_1 is produced by using
the secret key data K_SAM1,S of the SAM 105_1, and the
related produced hash value H_K1 is written into the stack
memory 200 in correspondence to the key file KF_1. The
hash value H_K1 is used for verifying the legitimacy of the
producer of the key file KF_1 and whether or not the key
file KF_1 was tampered with.

[0620] Next, the flow of the processing where the content
data C with the purchase form already determined
therefor stored in the download memory 167 will be explained
by referring to Fig. 31.

[0621] In this case, under the monitoring of the usage
monitor unit 186, based on the operation signal S165,
the content file CF stored in the download memory 167
is output to the decryption and/or expansion module 163
shown in Fig. 31. At this time, mutual certification is carried
out between the mutual certification unit 170 shown
in Fig. 31 and the mutual certification unit 220 of the
decryption and/or expansion module 163 shown in Fig. 25.
[0622] Also, the content key data Kc read out from the
stack memory 200 is output to the decryption and/or expansion
module 163.

[0623] Then, in the decryption unit 222 of the decryption
and/or expansion module 163, the decryption of the
content file CF using the content key data Kc and the
expansion processing by an expansion unit 223 are carried
out, and in the reproduction module 169, the content
data C is reproduced.

[0624] At this time, by the charge processing unit 187,
the usage log data 108 stored in the external memory
201 is updated in accordance with the operation signal
S165.

[0625] The usage log data 108 is read out from the
external memory 201, and then, after passing through
the mutual certification, transmitted via the EMD service
center management unit 185 together with the signature
data SIG_200,SAM1 to the EMD service center 102.
[0626] Next, as shown in Fig. 32, the flow of the
processing in the SAM 105_1 in a case where for example,
after the purchase form of the content file CF downloaded
on the download memory 167 of the network apparatus
160_1 is determined as mentioned above, a new
secure container 104x storing the related content file CF
is produced, and the secure container 104x is transferred
via the bus 191 to the SAM 105_2 of the AV apparatus
160_2 will be explained by referring to Fig. 33.
[0627] The user operates the purchase and/or usage
form determination operation unit 165 and instructs the
transfer of the predetermined content stored in the
download memory 167 to the AV apparatus 160_2, and
the operation signal S165 in accordance with the related
operation is output to the charge processing unit 187.
[0628] By this, the charge processing unit 187 updates
the usage log data 108 stored in the external
memory 201 based on the operation signal S165.
[0629] Also, the charge processing unit 187 transmits
the usage control status data 166 indicating the related
determined purchase form via the EMD service center
management unit 185 to the EMD service center 102
whenever the purchase form of the content data is determined.

[0630] Also, the download memory management unit 182 outputs the content file CF and the signature data SIG_6,CP thereof shown in Fig. 5A, the key file KF and the signature data SIG_7,CP thereof, and the key file KF_1 and the hash value H_K1 thereof read out from the download memory 167 to the SAM management unit 190. At this time, the mutual certification between the mutual certification unit 170 of the SAM 105_1 and the media SAM 167a and the encryption and/or decryption by the session key data K_SES are carried out.

[0631] Also, the signature processing unit 189 obtains the hash value of the content file CF, produces signature data SIG_41,SAM1 by using the secret key data K_SAM1,S, and outputs this to the SAM management unit 190.

[0632] Also, the signature processing unit 189 obtains the hash value of the key file KF_1, produces signature data SIG_42,SAM1 by using the secret key data K_SAM1,S, and outputs this to the SAM management unit 190.

[0633] Also, the SAM management unit 190 reads out the certificate data CER_CP and the signature data SIG_1,ESC thereof and the certificate data CER_SAM1 and the signature data SIG_22,ESC thereof shown in Fig. 34D from the storage unit 192.

[0634] Also, the mutual certification unit 170 outputs the session key data K_SES obtained by performing the mutual certification with the SAM 105_2 to the encryption and/or decryption unit 171.

[0635] The SAM management unit 190 produces a new secure container 104x comprised of the data shown in Figs. 34A, 34B, 34C, and 34D, encrypts the secure container 104x in the encryption and/or decryption unit 171 by using the session key data K_SES, and then outputs the same to the SAM 105_2 of the AV apparatus 160_2 shown in Fig. 32.

[0636] At this time, in parallel to the mutual certification between the SAM 105_1 and the SAM 105_2, mutual certification of the bus 191 serving as the IEEE 1394 serial bus is carried out.

[0637] Below, as shown in Fig. 32, the flow of the processing in the SAM 105_2 when writing the secure container 104x input from the SAM 105_1 into the storage medium 130_4 of a RAM type or the like will be explained by referring to Fig. 35.

[0638] Here, the RAM type storage medium 130_4 has for example an unsecure RAM region 134, a media SAM 133, and a secure RAM region 132.

[0639] In this case, the SAM management unit 190 of the SAM 105_2 receives as input the secure container 104x from the SAM 105_1 of the network apparatus 160_1 as shown in Fig. 32 and Fig. 35.

[0640] Then, in the encryption and/or decryption unit 171, the secure container 104x input via the SAM management unit 190 is decrypted by using the session key data K_SES obtained by the mutual certification between the mutual certification unit 170 and the mutual certification unit 170 of the SAM 105_1.

[0641] Next, in the signature processing unit 189, the legitimacy of the signature data SIG_6,CP is verified by using the public key data K_CP,P, and the legitimacy of the producer of the content file CF is confirmed. Also, in the signature processing unit 189, the legitimacy of the signature data SIG_41,SAM1 is verified by using the public key data K_SAM1,P, and the legitimacy of the transmitter of the content file CF is confirmed.

[0642] Then, after it is confirmed that the producer and the transmitter of the content file CF are legitimate, the content file CF is output from the SAM management unit 190 to a storage module management unit 855, and the content file CF is written into the RAM region 134 of the RAM type storage medium 130_4 shown in Fig. 32.

[0643] Also, the key file KF and the signature data SIG_7,CP and SIG_42,SAM1 thereof, the key file KF_1 and the hash value H_K1 thereof, the certificate data CER_CP and the signature data SIG_1,ESC thereof, and the certificate data CER_SAM1 and the signature data SIG_22,ESC thereof decrypted by using the session key data K_SES are written into the stack memory 200.

[0644] Next, the signature processing unit 189 verifies the signature data SIG_22,ESC read out from the stack memory 200 by using the public key data K_ESC,P read out from the storage unit 192 and confirms the legitimacy of the certificate data CER_SAM1.

[0645] Then, the signature processing unit 189 verifies the legitimacy of the signature data SIG_42,SAM1 stored in the stack memory 200 by using the public key data K_SAM1,P stored in the certificate data CER_SAM1 when confirming the legitimacy of the certificate data CER_SAM1. Then, when it is verified that the signature data SIG_42,SAM1 is legitimate, the legitimacy of the key file KF is confirmed.

[0646] Also, the signature processing unit 189 verifies the signature data SIG_1,ESC read out from the stack memory 200 by using the public key data K_ESC,P read out from the storage unit 192 and confirms the legitimacy of the certificate data CER_CP.

[0647] Then, the signature processing unit 189 verifies the legitimacy of the signature data SIG_7,SAM1 stored in the stack memory 200 by using the public key data K_CP,P stored in the certificate data CER_CP when confirming the legitimacy of the certificate data CER_CP. Then, when it is verified that the signature data SIG_7,SAM1 is legitimate, the legitimacy of the producer of the key file KF is confirmed.

[0648] When it is confirmed that the producer and the transmitter of the key file KF are legitimate, the key file KF is read out from the stack memory 200 and written into the secure RAM region 132 of the RAM type storage medium 130_4 shown in Fig. 34 via the storage module management unit 855.

[0649] Also, the signature processing unit 189 verifies the legitimacy of the hash value H_K1 by using the public key data K_SAM1,P and confirms the legitimacy of the producer and transmitter of the key file KF_1.

[0650] Then, when the legitimacy of the producer and the transmitter of the key file KF_1 is confirmed, the key file KF_1 shown in Fig. 34C is read out from the stack memory 200 and output to the encryption and/or decryption unit 173.

[0651] Note that, in the related example, the case where the producer and the transmitter of the key file KF_1 were the same was mentioned, but where the producer and the transmitter of the key file KF_1 are different, the signature data of the producer and the signature data of the transmitter are produced with respect to the key file KF_1, and the legitimacy of both signature data is verified in the signature processing unit 189.
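
The two-step check of paragraphs [0644] and [0645] (certificate first, then the signature made with the certified key) can be sketched as follows. This is an added example, not code from the patent: Ed25519 and SHA-256 stand in for the unspecified signature and hash algorithms, and the `Cert` layout, the helper names and the sample keys are constructed for illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Cert is a hypothetical stand-in for certificate data such as CER_SAM1.
type Cert struct {
	Subject string
	PubKey  ed25519.PublicKey
	SigESC  []byte // plays the role of SIG_22,ESC
}

func (c Cert) signedBytes() []byte { return append([]byte(c.Subject+"\x00"), c.PubKey...) }
func pubOf(k ed25519.PrivateKey) ed25519.PublicKey { return k.Public().(ed25519.PublicKey) }

func seedKey(label string) ed25519.PrivateKey { // fixed seed keeps the constructed sample reproducible
	s := sha256.Sum256([]byte(label))
	return ed25519.NewKeyFromSeed(s[:])
}

// issue builds a certificate for pub and signs it with the ESC secret key.
func issue(esc ed25519.PrivateKey, subject string, pub ed25519.PublicKey) Cert {
	c := Cert{Subject: subject, PubKey: pub}
	c.SigESC = ed25519.Sign(esc, c.signedBytes())
	return c
}

func signKeyFile(k ed25519.PrivateKey, keyFile []byte) []byte { // role of SIG_42,SAM1: signs the hash
	h := sha256.Sum256(keyFile)
	return ed25519.Sign(k, h[:])
}

// VerifyKeyFile trusts cert.PubKey only after K_ESC,P has verified the certificate.
func VerifyKeyFile(escPub ed25519.PublicKey, cert Cert, keyFile, sig []byte) error {
	if !ed25519.Verify(escPub, cert.signedBytes(), cert.SigESC) {
		return errors.New("certificate not signed by ESC")
	}
	if h := sha256.Sum256(keyFile); !ed25519.Verify(cert.PubKey, h[:], sig) {
		return errors.New("key file signature invalid")
	}
	return nil
}

func main() {
	esc, sam1, kf := seedKey("ESC"), seedKey("SAM1"), []byte("constructed key file KF")
	fmt.Println(VerifyKeyFile(pubOf(esc), issue(esc, "SAM1", pubOf(sam1)), kf, signKeyFile(sam1, kf)))
}
```

A certificate that the receiver cannot verify with its stored K_ESC,P is rejected before the public key inside it is ever used, which is why the order of the two checks matters.
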
[0652] Then, the encryption and/or decryption unit 173 encrypts the content key data Kc and the usage control status data 166 in the key file KF_1 by sequentially using the storage use key data K_STR, media key data K_MED, and the purchaser key data K_PIN read out from the storage unit 192 and outputs the same to the storage module management unit 855.

[0653] Then, by the storage module management unit 855, the encrypted key file KF_1 is stored in the secure RAM region 132 of the RAM type storage medium 130_4.

[0654] Note that the media key data K_MED is stored in the storage unit 192 in advance by the mutual certification between the mutual certification unit 170 shown in Fig. 33 and the media SAM 133 of the RAM type storage medium 130_4 shown in Fig. 32.

[0655] Here, the storage use key data K_STR is data determined in accordance with the type of apparatus (AV apparatus 160_2 in the related example) of for example the SACD (Super Audio Compact Disc), DVD (Digital Versatile Disc) apparatus, CD-R apparatus, and MD (Mini Disc) apparatus and is used for establishing one-to-one correspondence between the types of the apparatuses and the types of the storage media. Note that the physical structures of the disc media are the same between SACD and DVD, so there is a case where the recording and/or reproduction of the storage medium of an SACD can be carried out by using a DVD apparatus. The storage use key data K_STR performs the function of preventing illegitimate copies in such a case.

[0656] Note that, in the present embodiment, it is also possible not to encrypt using the storage use key data K_STR.

[0657] Also, the media key data K_MED is data unique to the storage medium (RAM type storage medium 130_4 in the related example).

[0658] The media key data K_MED is stored in the storage medium (RAM type storage medium 130_4 shown in Fig. 32 in the related example). It is preferred from the viewpoint of security that the encryption and the decryption using the media key data K_MED be carried out in the media SAM of the storage medium. At this time, the media key data K_MED is stored in the related media SAM where the media SAM is mounted in the storage medium, while it is stored in, for example, a region of the RAM region outside the management of the host CPU 810 where the media SAM is not mounted in the storage medium.

[0659] Note that it is also possible to perform the mutual certification between the apparatus side SAM (SAM 105_2 in the related example) and the media SAM (media SAM 133 in the related example), transfer the media key data K_MED via the secure communication route to the apparatus side SAM, and perform the encryption and decryption using the media key data K_MED in the apparatus side SAM as in the present embodiment.

[0660] In the present embodiment, the storage use key data K_STR and the media key data K_MED are used for protecting the security of the level of the physical layer of the storage medium.

[0661] Also, the purchaser key data K_PIN is data indicating the purchaser of the content file CF and is allocated by the EMD service center 102 to the related purchasing user when, for example, the content is purchased by outright purchase. The purchaser key data K_PIN is managed in the EMD service center 102.
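
The sequential encryption of [0652] and the binding roles of K_STR, K_MED and K_PIN described in [0655] to [0661] can be illustrated as follows. This is an added example, not code from the patent: AES-256-GCM stands in for the unspecified cipher, and the function names and the sample keys are constructed for illustration.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// aead builds an AES-256-GCM instance from a constructed sample key (assumption: cipher choice).
func aead(label string) cipher.AEAD {
	k := sha256.Sum256([]byte(label))
	b, _ := aes.NewCipher(k[:]) // a 32-byte key is always accepted
	a, _ := cipher.NewGCM(b)
	return a
}

// Wrap encrypts sequentially with K_STR, K_MED and K_PIN, in the order given in the text.
func Wrap(data []byte, kStr, kMed, kPin cipher.AEAD) ([]byte, error) {
	for _, a := range []cipher.AEAD{kStr, kMed, kPin} {
		nonce := make([]byte, a.NonceSize())
		if _, err := rand.Read(nonce); err != nil {
			return nil, err
		}
		data = a.Seal(nonce, nonce, data, nil) // output is nonce || ciphertext || tag
	}
	return data, nil
}

// Unwrap removes the layers in reverse order; one wrong key fails authentication.
func Unwrap(data []byte, kStr, kMed, kPin cipher.AEAD) ([]byte, error) {
	var err error
	for _, a := range []cipher.AEAD{kPin, kMed, kStr} {
		if len(data) < a.NonceSize() {
			return nil, fmt.Errorf("short ciphertext")
		}
		if data, err = a.Open(nil, data[:a.NonceSize()], data[a.NonceSize():], nil); err != nil {
			return nil, err
		}
	}
	return data, nil
}

func main() {
	str, med, pin := aead("K_STR SACD"), aead("K_MED disc 1"), aead("K_PIN user A")
	ct, err := Wrap([]byte("constructed Kc + UCS"), str, med, pin)
	_, errCopy := Unwrap(ct, str, aead("K_MED disc 2"), pin) // bit copy placed on another disc
	fmt.Println(err, errCopy)
}
```
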
[0662] Also, in the above embodiment, the case where the key files KF and KF_1 were stored in the secure RAM region 132 of the RAM type storage medium 130_4 by using the storage module 260 was exemplified, but as indicated by a dotted line in Fig. 32, it is also possible to store the key files KF and KF_1 in the media SAM 133 from the SAM 105_2.

[0663] Next, the flow of the processing when determining the purchase form in the AV apparatus 160_2, in a case where the ROM type storage medium 130_1 shown in Fig. 12, for which the purchase form of the content is undetermined, is distributed off-line to the user home network 303, will be explained by referring to Fig. 36 and Fig. 37.

[0664] The SAM 105_2 of the AV apparatus 160_2 first performs the mutual certification between the mutual certification unit 170 shown in Fig. 37 and the media SAM 133 of the ROM type storage medium 130_1 shown in Fig. 12, and then receives as input the media key data K_MED from the media SAM 133.

[0665] Note that, where the SAM 105_2 holds the media key data K_MED in advance, the related input need not be carried out.

[0666] Next, the key file KF and the signature data SIG_7,CP thereof and the certificate data CER_CP and the signature data SIG_1,ESC thereof shown in Figs. 5B and 5C stored in the secure container 104 stored in the secure RAM region 132 of the ROM type storage medium 130_1 are input via the media SAM management unit 197 or a not illustrated read out module management unit and are written into the stack memory 200.

[0667] Next, in the signature processing unit 189, after the legitimacy of the signature data SIG_1,ESC is confirmed, the public key data K_CP,P is extracted from the certificate data CER_CP, and by using this public key data K_CP,P, the legitimacy of the signature data SIG_7,CP, that is, the legitimacy of the transmitter of the key file KF, is verified.

[0668] Also, in the signature processing unit 189, by using the public key data K_ESC,P read out from the storage unit 192, the legitimacy of the signature data SIG_K1,ESC stored in the key file KF, that is, the legitimacy of the producer of the key file KF, is verified.

[0669] When the legitimacy of the signature data SIG_7,CP and SIG_K1,ESC is confirmed in the signature processing unit 189, the key file KF is read out from the stack memory 200 to the secure container decryption unit 183.

[0670] Next, in the secure container decryption unit 183, by using the distribution use data KD_1 to KD_3 of the corresponding period, the content key data Kc, usage control policy data 106, and the SAM program download containers SDC_1 to SDC_3 stored in the key file KF are decrypted and are written into the stack memory 200.

[0671] Next, after the mutual certification between the mutual certification unit 170 shown in Fig. 37 and the decryption and/or expansion module 163 shown in Fig. 36, the decryption and/or expansion module management unit 184 of the SAM 105_2 outputs the content key data Kc stored in the stack memory 200 and the half disclosure parameter data 199 stored in the usage control policy data 106 and the content data C stored in the content file CF read out from the ROM region 131 of the ROM type storage medium 130_1 to the decryption and/or expansion module 163 shown in Fig. 36. Next, in the decryption and/or expansion module 163, the content data C is decrypted in the half disclosure mode by using the content key data Kc and then expanded and output to a reproduction module 270. Then, in the reproduction module 270, the content data C from the decryption and/or expansion module 163 is reproduced.

[0672] Next, the purchase form of the content is determined by the purchase operation of the purchase form determination operation unit 165 shown in Fig. 36 by the user, and the operation signal S165 indicating the related determined purchase form is input to the charge processing unit 187.

[0673] Next, the charge processing unit 187 produces the usage control status data 166 in response to the operation signal S165 and writes this into the stack memory 200.

[0674] Next, the content key data Kc and the usage control status data 166 are output from the stack memory 200 to the encryption and/or decryption unit 173.

[0675] Next, the encryption and/or decryption unit 173 sequentially encrypts the content key data Kc and the usage control status data 166 input from the stack memory 200 by using the storage use key data K_STR, the me-